Category Archives: security
Suspicious Minds
Previously, on Fodder Blog: I mailed a package that was purposely unexpected to see whether someone would open it, thinking that nobody would open suspicious mail. The sender’s name was fake, the address was fake, and the package was purposely … Continue reading
The Human Element
I did have a photo for today’s post, but the person I met requested they be kept anonymous, so this will be today’s photo instead. Today’s post will probably be quite short, as I’m trying to keep things vague in … Continue reading
Password Management
The thing that was repeated the most during OWASP was the importance of not re-using passwords. I don’t know about you, but my ability to remember more than 5 things is woeful, and I definitely have more than 5 accounts, … Continue reading
OWASP AppSec Day – Lessons From a Billion Breached Records
My last talk for the conference, it was pretty tough choosing between this talk and one given by Brendan Scarvell, who claims to be able to cook 2 minute noodles in 1 minute and 57 seconds. However, I’ve been following … Continue reading
OWASP AppSec Day – Wrangling Security & Identity
The second last talk I attended at the conference was on the topic of managing multiple AWS accounts while still keeping secure. The speaker was Andrew Bienert, a security architect at SEEK. Andrew started by saying that the median time … Continue reading
OWASP AppSec Day – Dev Guide to XSS
Next stop on the security conference trip is XSS – Cross-site scripting. The speaker was Felix Shi, another security expert from New Zealand. He was also really funny and I think this was my favourite talk out of all the … Continue reading
OWASP AppSec Day – How to Spot a Wolf in Sheep’s Clothing
This was a talk on account takeover, by Nick Malcolm, a security consultant at SafeStack. He reminded me a lot of MrMoustache – mostly because he sounds a lot like him. He was a really engaging speaker, I loved listening … Continue reading
OWASP AppSec Day – Hacking AWS
The first of the talks I attended was “Hacking AWS” by Daniel Grzelak, head of security at Atlassian. This one was a little bit over my head, as I’m not too familiar with AWS, so I’ll try to reproduce the … Continue reading
OWASP AppSec Day, 2017
Attended the OWASP AppSec Day again this year (only for the single day, even though they had a course that ran for 2 days), since I had so much fun last year. It was really hard to choose between talks, … Continue reading