Click here to Skip to main content
16,019,418 members

Articles by CdnSecurityEngineer (Articles: 2, Technical Blogs: 28, Tip/Trick: 1)

Articles: 2, Technical Blogs: 28, Tip/Trick: 1

RSS Feed

Average article rating: 5.00

All Topics
19 Feb 2014   Updated: 19 Feb 2014   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 8,492     Bookmarked: 0   Downloaded: 0
Please Sign up or sign in to vote.
Innovation dead on arrival?
Security
9 Feb 2015   Updated: 9 Feb 2015   Rating: 5.00/5    Votes: 3   Popularity: 2.39
Licence: CPOL    Views: 11,651     Bookmarked: 4   Downloaded: 0
Please Sign up or sign in to vote.
Security Engineer manifesto

Average blogs rating: 4.90

25 Jul 2013   Updated: 25 Jul 2013   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 8,590     Bookmarked: 3   Downloaded: 0
Please Sign up or sign in to vote.
The reality is that, today’s information security landscape sucks, attacks are becoming more sophisticated, and getting folks involved in producing the software thinking about security seems like a losing battle.
11 Feb 2013   Updated: 11 Feb 2013   Rating: 4.70/5    Votes: 8   Popularity: 4.24
Licence: CPOL    Views: 28,875     Bookmarked: 5   Downloaded: 0
Please Sign up or sign in to vote.
I truly believe programing tests during an interview are pointless.
.NET
20 Oct 2014   Updated: 20 Oct 2014   Rating: 4.95/5    Votes: 20   Popularity: 6.44
Licence: CPOL    Views: 18,981     Bookmarked: 21   Downloaded: 0
Please Sign up or sign in to vote.
Protecting .NET Configs
All Topics
14 Dec 2015   Updated: 14 Dec 2015   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 6,660     Bookmarked: 0   Downloaded: 0
Please Sign up or sign in to vote.
Earlier this spring became aware of a new cyber attack (Smishing) spreading across the US after migrating it’s way through Asia. This new attack as you may have already guessed was SMiShing and subsequently it’s close cousin Vishing.
4 Feb 2015   Updated: 4 Feb 2015   Rating: 3.86/5    Votes: 3   Popularity: 1.84
Licence: CPOL    Views: 8,221     Bookmarked: 3   Downloaded: 0
Please Sign up or sign in to vote.
AppSec Don’t Trust the Network
22 Sep 2014   Updated: 22 Sep 2014   Rating: 4.40/5    Votes: 3   Popularity: 2.10
Licence: CPOL    Views: 5,610     Bookmarked: 2   Downloaded: 0
Please Sign up or sign in to vote.
How to build a technology career
4 Aug 2014   Updated: 4 Aug 2014   Rating: 5.00/5    Votes: 4   Popularity: 3.01
Licence: CPOL    Views: 8,525     Bookmarked: 2   Downloaded: 0
Please Sign up or sign in to vote.
Your Software is insecure If this is the first time you’ve heard this, or you believe otherwise, you’re honestly in the wrong field. Software as good as it is, as useful as it is, as wonderfully inventive as it is,…Read more ›
18 Oct 2014   Updated: 18 Oct 2014   Rating: 5.00/5    Votes: 2   Popularity: 1.51
Licence: CPOL    Views: 6,630     Bookmarked: 0   Downloaded: 0
Please Sign up or sign in to vote.
InfoSec is not enough
23 Sep 2014   Updated: 23 Sep 2014   Rating: 5.00/5    Votes: 3   Popularity: 2.39
Licence: CPOL    Views: 5,720     Bookmarked: 1   Downloaded: 0
Please Sign up or sign in to vote.
Application security - business agreement
27 Sep 2014   Updated: 27 Sep 2014   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 7,890     Bookmarked: 0   Downloaded: 0
Please Sign up or sign in to vote.
Application Security Charter
6 Feb 2015   Updated: 6 Feb 2015   Rating: 5.00/5    Votes: 2   Popularity: 1.51
Licence: CPOL    Views: 4,620     Bookmarked: 0   Downloaded: 0
Please Sign up or sign in to vote.
Your security position and the vendor's
18 Nov 2015   Updated: 18 Nov 2015   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 2,980     Bookmarked: 0   Downloaded: 0
Please Sign up or sign in to vote.
Vendor: Insecure, Security
IP
25 Jul 2014   Updated: 25 Jul 2014   Rating: 5.00/5    Votes: 8   Popularity: 4.52
Licence: CPOL    Views: 41,796     Bookmarked: 9   Downloaded: 0
Please Sign up or sign in to vote.
Spoofing an IP is hard
Multimedia
DirectX
21 Feb 2015   Updated: 21 Feb 2015   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 7,472     Bookmarked: 4   Downloaded: 0
Please Sign up or sign in to vote.
How to think like a general
Productivity Apps and Services
Sharepoint
30 Jan 2014   Updated: 30 Jan 2014   Rating: 4.79/5    Votes: 10   Popularity: 4.79
Licence: CPOL    Views: 11,170     Bookmarked: 8   Downloaded: 0
Please Sign up or sign in to vote.
Exploiting managed memory
Programming Languages
Javascript
19 Feb 2013   Updated: 19 Feb 2013   Rating: 5.00/5    Votes: 2   Popularity: 1.51
Licence: CPOL    Views: 9,280     Bookmarked: 1   Downloaded: 0
Please Sign up or sign in to vote.
How to exploit XSS attack vectors in a variety of ways and their consequences
Security
10 Jul 2013   Updated: 11 Jul 2013   Rating: 4.86/5    Votes: 5   Popularity: 3.39
Licence: CPOL    Views: 14,993     Bookmarked: 7   Downloaded: 0
Please Sign up or sign in to vote.
I prove everyone who’s ever said XSS isn’t a serious vulnerability wrong.
11 Feb 2013   Updated: 11 Feb 2013   Rating: 5.00/5    Votes: 2   Popularity: 1.51
Licence: CPOL    Views: 8,772     Bookmarked: 3   Downloaded: 0
Please Sign up or sign in to vote.
Security code review
27 Jul 2014   Updated: 27 Jul 2014   Rating: 4.50/5    Votes: 2   Popularity: 1.35
Licence: CPOL    Views: 8,054     Bookmarked: 4   Downloaded: 0
Please Sign up or sign in to vote.
How to design for security - security patterns
2 Aug 2014   Updated: 2 Aug 2014   Rating: 5.00/5    Votes: 2   Popularity: 1.51
Licence: CPOL    Views: 10,454     Bookmarked: 4   Downloaded: 0
Please Sign up or sign in to vote.
Intro – Secure Process Creation I chose the Secure Process Creation pattern as the first pattern to kick of the series on security design patterns because process creation is everywhere in the software world today. Ensuring that the way processes…Read more ›
4 Aug 2014   Updated: 4 Aug 2014   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 8,332     Bookmarked: 2   Downloaded: 0
Please Sign up or sign in to vote.
Intro This is an interesting topic, my reasoning for writing this will become clear in the not too distant future, however not many organizations that are actively writing code have many folks focused or dedicated exclusively to security, if you…Read more ›
27 Sep 2014   Updated: 27 Sep 2014   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 7,620     Bookmarked: 3   Downloaded: 0
Please Sign up or sign in to vote.
Pillars of application security
16 Oct 2014   Updated: 16 Oct 2014   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 4,513     Bookmarked: 2   Downloaded: 0
Please Sign up or sign in to vote.
When you want to buy something that you can afford, what do you do? Well if you’re like most people you go to some financial institution and take out a loan in the amount of the item you wish to…Read more ›The post Application Security Economics appeared first on Security Synergy.
25 Oct 2014   Updated: 25 Oct 2014   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 6,090     Bookmarked: 1   Downloaded: 0
Please Sign up or sign in to vote.
Scalable Security Engagement Problem
28 Oct 2014   Updated: 28 Oct 2014   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 5,060     Bookmarked: 4   Downloaded: 0
Please Sign up or sign in to vote.
Quantify your security position
12 Nov 2014   Updated: 12 Nov 2014   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 5,944     Bookmarked: 2   Downloaded: 0
Please Sign up or sign in to vote.
Case for Security Intelligence
8 Nov 2014   Updated: 8 Nov 2014   Rating: 5.00/5    Votes: 3   Popularity: 2.39
Licence: CPOL    Views: 9,932     Bookmarked: 3   Downloaded: 0
Please Sign up or sign in to vote.
Identity provider security pattern
XSS
11 Feb 2013   Updated: 11 Feb 2013   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 16,200     Bookmarked: 1   Downloaded: 0
Please Sign up or sign in to vote.
Cross site scripting and the way that it can creep into our programs and what different cross site scripting input strings look like

Average tips rating: 5.00

Programming Languages
C#
7 Feb 2013   Updated: 7 Feb 2013   Rating: 5.00/5    Votes: 2   Popularity: 1.51
Licence: CPOL    Views: 14,540     Bookmarked: 8   Downloaded: 0
Please Sign up or sign in to vote.
It only takes a few minutes to run a ZAP attack scan, which can quite possibly save your firm and you a lot of trouble in the future!

Average reference rating:

No reference articles have been posted.

Average project rating:

No projects have been posted.
Engineer
Canada Canada
I am a Sr Engineer for a major security firm; I have been developing software professionally for 8 years now; I've worked for start ups, small companies, large companies, myself, education. Currently the company I work for has 7,000+ employees worldwide. I am responsible for our platform security, I write code, implement features, educate other engineers about security, I perform security reviews, threat modeling, continue to educate myself on the latest software. By night, I actively work to educate other developers about security and security issues. I also founded a local chapter of OWASP which I organize and run.

I cut my teeth developing in C++ and it's still where my heart is with development, lately I've been writing a lot of C# code & some java, but I do have a project or two coming out in C++ /DiectX 11 whenever I get the time.

When I am not developing code I am spending my time with my wife and daughter or I am lost deep in the woods some where on a camping trip with friends. If you can't find me with a GPS and a SPOT device then chances are I am on the Rugby pitch playing Rugby and having a great time doing so.


You can find more about me and My thoughts on security