Articles by CdnSecurityEngineer (Articles: 2, Technical Blogs: 28, Tip/Trick: 1)

Articles: 2, Technical Blogs: 28, Tip/Trick: 1

Articles
Technical Blogs
Tips and Tricks
Reference Articles
Projects

Average article rating: 5.00

All Topics
	Innovation Dead On Arrival? 19 Feb 2014 Updated: 19 Feb 2014 Rating: 5.00/5 Votes: 1 Popularity: 0.00 Licence: CPOL Views: 8,292 Bookmarked: 0 Downloaded: 0 Please Sign up or sign in to vote. Innovation dead on arrival?
Security
	Security Engineer Manifesto 9 Feb 2015 Updated: 9 Feb 2015 Rating: 5.00/5 Votes: 3 Popularity: 2.39 Licence: CPOL Views: 11,041 Bookmarked: 4 Downloaded: 0 Please Sign up or sign in to vote. Security Engineer manifesto

Average blogs rating: 4.90

	The Need for Secure Coding [Technical Blog] 25 Jul 2013 Updated: 25 Jul 2013 Rating: 5.00/5 Votes: 1 Popularity: 0.00 Licence: CPOL Views: 8,410 Bookmarked: 3 Downloaded: 0 Please Sign up or sign in to vote. The reality is that, today’s information security landscape sucks, attacks are becoming more sophisticated, and getting folks involved in producing the software thinking about security seems like a losing battle.
	Why I Despise the Interview Coding Test [Technical Blog] 11 Feb 2013 Updated: 11 Feb 2013 Rating: 4.70/5 Votes: 8 Popularity: 4.24 Licence: CPOL Views: 28,264 Bookmarked: 5 Downloaded: 0 Please Sign up or sign in to vote. I truly believe programing tests during an interview are pointless.
.NET
	Protecting .NET Configs [Technical Blog] 20 Oct 2014 Updated: 20 Oct 2014 Rating: 4.95/5 Votes: 20 Popularity: 6.44 Licence: CPOL Views: 18,241 Bookmarked: 21 Downloaded: 0 Please Sign up or sign in to vote. Protecting .NET Configs
All Topics
	SMiShing & Canadian Banks & Data [Technical Blog] 14 Dec 2015 Updated: 14 Dec 2015 Rating: 5.00/5 Votes: 1 Popularity: 0.00 Licence: CPOL Views: 6,530 Bookmarked: 0 Downloaded: 0 Please Sign up or sign in to vote. Earlier this spring became aware of a new cyber attack (Smishing) spreading across the US after migrating it’s way through Asia. This new attack as you may have already guessed was SMiShing and subsequently it’s close cousin Vishing.
	AppSec Don’t Trust the Network [Technical Blog] 4 Feb 2015 Updated: 4 Feb 2015 Rating: 3.86/5 Votes: 3 Popularity: 1.84 Licence: CPOL Views: 8,041 Bookmarked: 3 Downloaded: 0 Please Sign up or sign in to vote. AppSec Don’t Trust the Network
	Building a Technology Career [Technical Blog] 22 Sep 2014 Updated: 22 Sep 2014 Rating: 4.40/5 Votes: 3 Popularity: 2.10 Licence: CPOL Views: 5,470 Bookmarked: 2 Downloaded: 0 Please Sign up or sign in to vote. How to build a technology career
	Why Threat Model [Technical Blog] 4 Aug 2014 Updated: 4 Aug 2014 Rating: 5.00/5 Votes: 4 Popularity: 3.01 Licence: CPOL Views: 8,185 Bookmarked: 2 Downloaded: 0 Please Sign up or sign in to vote. Your Software is insecure If this is the first time you’ve heard this, or you believe otherwise, you’re honestly in the wrong field. Software as good as it is, as useful as it is, as wonderfully inventive as it is,…Read more ›
	InfoSec is Not Enough [Technical Blog] 18 Oct 2014 Updated: 18 Oct 2014 Rating: 5.00/5 Votes: 2 Popularity: 1.51 Licence: CPOL Views: 6,500 Bookmarked: 0 Downloaded: 0 Please Sign up or sign in to vote. InfoSec is not enough
	Application Security: Agreement [Technical Blog] 23 Sep 2014 Updated: 23 Sep 2014 Rating: 5.00/5 Votes: 3 Popularity: 2.39 Licence: CPOL Views: 5,620 Bookmarked: 1 Downloaded: 0 Please Sign up or sign in to vote. Application security - business agreement
	Application Security Charter [Technical Blog] 27 Sep 2014 Updated: 27 Sep 2014 Rating: 5.00/5 Votes: 1 Popularity: 0.00 Licence: CPOL Views: 7,700 Bookmarked: 0 Downloaded: 0 Please Sign up or sign in to vote. Application Security Charter
	Your Security Position & the Vendor’s [Technical Blog] 6 Feb 2015 Updated: 6 Feb 2015 Rating: 5.00/5 Votes: 2 Popularity: 1.51 Licence: CPOL Views: 4,510 Bookmarked: 0 Downloaded: 0 Please Sign up or sign in to vote. Your security position and the vendor's
	Vendor: Insecure, Security [Technical Blog] 18 Nov 2015 Updated: 18 Nov 2015 Rating: 5.00/5 Votes: 1 Popularity: 0.00 Licence: CPOL Views: 2,850 Bookmarked: 0 Downloaded: 0 Please Sign up or sign in to vote. Vendor: Insecure, Security
IP
	Spoofing an IP is Hard [Technical Blog] 25 Jul 2014 Updated: 25 Jul 2014 Rating: 5.00/5 Votes: 8 Popularity: 4.52 Licence: CPOL Views: 40,955 Bookmarked: 9 Downloaded: 0 Please Sign up or sign in to vote. Spoofing an IP is hard
Multimedia
DirectX	Think Like a General [Technical Blog] 21 Feb 2015 Updated: 21 Feb 2015 Rating: 5.00/5 Votes: 1 Popularity: 0.00 Licence: CPOL Views: 7,211 Bookmarked: 4 Downloaded: 0 Please Sign up or sign in to vote. How to think like a general
Productivity Apps and Services
Sharepoint	Exploiting Managed Memory [Technical Blog] 30 Jan 2014 Updated: 30 Jan 2014 Rating: 4.79/5 Votes: 10 Popularity: 4.79 Licence: CPOL Views: 10,840 Bookmarked: 8 Downloaded: 0 Please Sign up or sign in to vote. Exploiting managed memory
Programming Languages
Javascript	XSS Vectors Exploited [Technical Blog] 19 Feb 2013 Updated: 19 Feb 2013 Rating: 5.00/5 Votes: 2 Popularity: 1.51 Licence: CPOL Views: 9,130 Bookmarked: 1 Downloaded: 0 Please Sign up or sign in to vote. How to exploit XSS attack vectors in a variety of ways and their consequences
Security
	Dangers of XSS [Technical Blog] 10 Jul 2013 Updated: 11 Jul 2013 Rating: 4.86/5 Votes: 5 Popularity: 3.39 Licence: CPOL Views: 14,491 Bookmarked: 7 Downloaded: 0 Please Sign up or sign in to vote. I prove everyone who’s ever said XSS isn’t a serious vulnerability wrong.
	Security Code Review [Technical Blog] 11 Feb 2013 Updated: 11 Feb 2013 Rating: 5.00/5 Votes: 2 Popularity: 1.51 Licence: CPOL Views: 8,550 Bookmarked: 3 Downloaded: 0 Please Sign up or sign in to vote. Security code review
	Designing For Security -Security Patterns [Technical Blog] 27 Jul 2014 Updated: 27 Jul 2014 Rating: 4.50/5 Votes: 2 Popularity: 1.35 Licence: CPOL Views: 7,762 Bookmarked: 4 Downloaded: 0 Please Sign up or sign in to vote. How to design for security - security patterns
	Security Design Patterns – Secure Process Creation [Technical Blog] 2 Aug 2014 Updated: 2 Aug 2014 Rating: 5.00/5 Votes: 2 Popularity: 1.51 Licence: CPOL Views: 10,051 Bookmarked: 4 Downloaded: 0 Please Sign up or sign in to vote. Intro – Secure Process Creation I chose the Secure Process Creation pattern as the first pattern to kick of the series on security design patterns because process creation is everywhere in the software world today. Ensuring that the way processes…Read more ›
	What is a Security Engineer? [Technical Blog] 4 Aug 2014 Updated: 4 Aug 2014 Rating: 5.00/5 Votes: 1 Popularity: 0.00 Licence: CPOL Views: 8,070 Bookmarked: 2 Downloaded: 0 Please Sign up or sign in to vote. Intro This is an interesting topic, my reasoning for writing this will become clear in the not too distant future, however not many organizations that are actively writing code have many folks focused or dedicated exclusively to security, if you…Read more ›
	Pillars of Application Security [Technical Blog] 27 Sep 2014 Updated: 27 Sep 2014 Rating: 5.00/5 Votes: 1 Popularity: 0.00 Licence: CPOL Views: 7,490 Bookmarked: 3 Downloaded: 0 Please Sign up or sign in to vote. Pillars of application security
	Application Security Economics [Technical Blog] 16 Oct 2014 Updated: 16 Oct 2014 Rating: 5.00/5 Votes: 1 Popularity: 0.00 Licence: CPOL Views: 4,420 Bookmarked: 2 Downloaded: 0 Please Sign up or sign in to vote. When you want to buy something that you can afford, what do you do? Well if you’re like most people you go to some financial institution and take out a loan in the amount of the item you wish to…Read more ›The post Application Security Economics appeared first on Security Synergy.
	Scalable Security Engagement Problem [Technical Blog] 25 Oct 2014 Updated: 25 Oct 2014 Rating: 5.00/5 Votes: 1 Popularity: 0.00 Licence: CPOL Views: 5,960 Bookmarked: 1 Downloaded: 0 Please Sign up or sign in to vote. Scalable Security Engagement Problem
	Quantify Your Security Position [Technical Blog] 28 Oct 2014 Updated: 28 Oct 2014 Rating: 5.00/5 Votes: 1 Popularity: 0.00 Licence: CPOL Views: 4,970 Bookmarked: 4 Downloaded: 0 Please Sign up or sign in to vote. Quantify your security position
	Case for Security Intelligence [Technical Blog] 12 Nov 2014 Updated: 12 Nov 2014 Rating: 5.00/5 Votes: 1 Popularity: 0.00 Licence: CPOL Views: 5,850 Bookmarked: 2 Downloaded: 0 Please Sign up or sign in to vote. Case for Security Intelligence
	Identity Provider Security Pattern [Technical Blog] 8 Nov 2014 Updated: 8 Nov 2014 Rating: 5.00/5 Votes: 3 Popularity: 2.39 Licence: CPOL Views: 9,571 Bookmarked: 3 Downloaded: 0 Please Sign up or sign in to vote. Identity provider security pattern
XSS
	In Depth Cross Site Scripting [Technical Blog] 11 Feb 2013 Updated: 11 Feb 2013 Rating: 5.00/5 Votes: 1 Popularity: 0.00 Licence: CPOL Views: 15,920 Bookmarked: 1 Downloaded: 0 Please Sign up or sign in to vote. Cross site scripting and the way that it can creep into our programs and what different cross site scripting input strings look like

Average tips rating: 5.00

Programming Languages
C#	Really Simple XSS and a Solution [Tip/Trick] 7 Feb 2013 Updated: 7 Feb 2013 Rating: 5.00/5 Votes: 2 Popularity: 1.51 Licence: CPOL Views: 14,330 Bookmarked: 8 Downloaded: 0 Please Sign up or sign in to vote. It only takes a few minutes to run a ZAP attack scan, which can quite possibly save your firm and you a lot of trouble in the future!

Average reference rating:

No reference articles have been posted.

Average project rating:

No projects have been posted.

CdnSecurityEngineer

Engineer

Canada

I am a Sr Engineer for a major security firm; I have been developing software professionally for 8 years now; I've worked for start ups, small companies, large companies, myself, education. Currently the company I work for has 7,000+ employees worldwide. I am responsible for our platform security, I write code, implement features, educate other engineers about security, I perform security reviews, threat modeling, continue to educate myself on the latest software. By night, I actively work to educate other developers about security and security issues. I also founded a local chapter of OWASP which I organize and run.

I cut my teeth developing in C++ and it's still where my heart is with development, lately I've been writing a lot of C# code & some java, but I do have a project or two coming out in C++ /DiectX 11 whenever I get the time.

When I am not developing code I am spending my time with my wife and daughter or I am lost deep in the woods some where on a camping trip with friends. If you can't find me with a GPS and a SPOT device then chances are I am on the Rugby pitch playing Rugby and having a great time doing so.

You can find more about me and My thoughts on security

Articles by CdnSecurityEngineer (Articles: 2, Technical Blogs: 28, Tip/Trick: 1)

Articles: 2, Technical Blogs: 28, Tip/Trick: 1

Average article rating: 5.00

All Topics

Security

Average blogs rating: 4.90

.NET

All Topics

IP

Multimedia

Productivity Apps and Services

Programming Languages

Security

XSS

Average tips rating: 5.00

Programming Languages

Average reference rating:

Average project rating: