
Articles by CdnSecurityEngineer (Articles: 2, Technical Blogs: 28, Tip/Trick: 1)


Average article rating: 5.00

All Topics
19 Feb 2014   Updated: 19 Feb 2014   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 8,372     Bookmarked: 0   Downloaded: 0
Innovation dead on arrival?
Security
9 Feb 2015   Updated: 9 Feb 2015   Rating: 5.00/5    Votes: 3   Popularity: 2.39
Licence: CPOL    Views: 11,361     Bookmarked: 4   Downloaded: 0
Security Engineer manifesto

Average blogs rating: 4.90

25 Jul 2013   Updated: 25 Jul 2013   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 8,470     Bookmarked: 3   Downloaded: 0
The reality is that today’s information security landscape sucks, attacks are becoming more sophisticated, and getting folks involved in producing the software thinking about security seems like a losing battle.
11 Feb 2013   Updated: 11 Feb 2013   Rating: 4.70/5    Votes: 8   Popularity: 4.24
Licence: CPOL    Views: 28,555     Bookmarked: 5   Downloaded: 0
I truly believe programming tests during an interview are pointless.
.NET
20 Oct 2014   Updated: 20 Oct 2014   Rating: 4.95/5    Votes: 20   Popularity: 6.44
Licence: CPOL    Views: 18,711     Bookmarked: 21   Downloaded: 0
Protecting .NET Configs
All Topics
14 Dec 2015   Updated: 14 Dec 2015   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 6,600     Bookmarked: 0   Downloaded: 0
Earlier this spring became aware of a new cyber attack (Smishing) spreading across the US after migrating its way through Asia. This new attack as you may have already guessed was SMiShing and subsequently its close cousin Vishing.
4 Feb 2015   Updated: 4 Feb 2015   Rating: 3.86/5    Votes: 3   Popularity: 1.84
Licence: CPOL    Views: 8,171     Bookmarked: 3   Downloaded: 0
AppSec Don’t Trust the Network
22 Sep 2014   Updated: 22 Sep 2014   Rating: 4.40/5    Votes: 3   Popularity: 2.10
Licence: CPOL    Views: 5,560     Bookmarked: 2   Downloaded: 0
How to build a technology career
4 Aug 2014   Updated: 4 Aug 2014   Rating: 5.00/5    Votes: 4   Popularity: 3.01
Licence: CPOL    Views: 8,355     Bookmarked: 2   Downloaded: 0
Your Software is insecure. If this is the first time you’ve heard this, or you believe otherwise, you’re honestly in the wrong field. Software as good as it is, as useful as it is, as wonderfully inventive as it is,…
18 Oct 2014   Updated: 18 Oct 2014   Rating: 5.00/5    Votes: 2   Popularity: 1.51
Licence: CPOL    Views: 6,560     Bookmarked: 0   Downloaded: 0
InfoSec is not enough
23 Sep 2014   Updated: 23 Sep 2014   Rating: 5.00/5    Votes: 3   Popularity: 2.39
Licence: CPOL    Views: 5,670     Bookmarked: 1   Downloaded: 0
Application security - business agreement
27 Sep 2014   Updated: 27 Sep 2014   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 7,780     Bookmarked: 0   Downloaded: 0
Application Security Charter
6 Feb 2015   Updated: 6 Feb 2015   Rating: 5.00/5    Votes: 2   Popularity: 1.51
Licence: CPOL    Views: 4,560     Bookmarked: 0   Downloaded: 0
Your security position and the vendor's
18 Nov 2015   Updated: 18 Nov 2015   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 2,880     Bookmarked: 0   Downloaded: 0
Vendor: Insecure, Security
IP
25 Jul 2014   Updated: 25 Jul 2014   Rating: 5.00/5    Votes: 8   Popularity: 4.52
Licence: CPOL    Views: 41,366     Bookmarked: 9   Downloaded: 0
Spoofing an IP is hard
Multimedia
DirectX
21 Feb 2015   Updated: 21 Feb 2015   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 7,322     Bookmarked: 4   Downloaded: 0
How to think like a general
Productivity Apps and Services
Sharepoint
30 Jan 2014   Updated: 30 Jan 2014   Rating: 4.79/5    Votes: 10   Popularity: 4.79
Licence: CPOL    Views: 11,010     Bookmarked: 8   Downloaded: 0
Exploiting managed memory
Programming Languages
Javascript
19 Feb 2013   Updated: 19 Feb 2013   Rating: 5.00/5    Votes: 2   Popularity: 1.51
Licence: CPOL    Views: 9,210     Bookmarked: 1   Downloaded: 0
How to exploit XSS attack vectors in a variety of ways and their consequences
Security
10 Jul 2013   Updated: 11 Jul 2013   Rating: 4.86/5    Votes: 5   Popularity: 3.39
Licence: CPOL    Views: 14,723     Bookmarked: 7   Downloaded: 0
I prove everyone who’s ever said XSS isn’t a serious vulnerability wrong.
11 Feb 2013   Updated: 11 Feb 2013   Rating: 5.00/5    Votes: 2   Popularity: 1.51
Licence: CPOL    Views: 8,672     Bookmarked: 3   Downloaded: 0
Security code review
27 Jul 2014   Updated: 27 Jul 2014   Rating: 4.50/5    Votes: 2   Popularity: 1.35
Licence: CPOL    Views: 7,934     Bookmarked: 4   Downloaded: 0
How to design for security - security patterns
2 Aug 2014   Updated: 2 Aug 2014   Rating: 5.00/5    Votes: 2   Popularity: 1.51
Licence: CPOL    Views: 10,254     Bookmarked: 4   Downloaded: 0
Intro – Secure Process Creation. I chose the Secure Process Creation pattern as the first pattern to kick off the series on security design patterns because process creation is everywhere in the software world today. Ensuring that the way processes…
4 Aug 2014   Updated: 4 Aug 2014   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 8,222     Bookmarked: 2   Downloaded: 0
Intro. This is an interesting topic, my reasoning for writing this will become clear in the not too distant future, however not many organizations that are actively writing code have many folks focused or dedicated exclusively to security, if you…
27 Sep 2014   Updated: 27 Sep 2014   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 7,540     Bookmarked: 3   Downloaded: 0
Pillars of application security
16 Oct 2014   Updated: 16 Oct 2014   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 4,473     Bookmarked: 2   Downloaded: 0
When you want to buy something that you can afford, what do you do? Well if you’re like most people you go to some financial institution and take out a loan in the amount of the item you wish to… The post Application Security Economics appeared first on Security Synergy.
25 Oct 2014   Updated: 25 Oct 2014   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 6,040     Bookmarked: 1   Downloaded: 0
Scalable Security Engagement Problem
28 Oct 2014   Updated: 28 Oct 2014   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 5,030     Bookmarked: 4   Downloaded: 0
Quantify your security position
12 Nov 2014   Updated: 12 Nov 2014   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 5,914     Bookmarked: 2   Downloaded: 0
Case for Security Intelligence
8 Nov 2014   Updated: 8 Nov 2014   Rating: 5.00/5    Votes: 3   Popularity: 2.39
Licence: CPOL    Views: 9,752     Bookmarked: 3   Downloaded: 0
Identity provider security pattern
XSS
11 Feb 2013   Updated: 11 Feb 2013   Rating: 5.00/5    Votes: 1   Popularity: 0.00
Licence: CPOL    Views: 16,010     Bookmarked: 1   Downloaded: 0
Cross site scripting and the way that it can creep into our programs and what different cross site scripting input strings look like

Average tips rating: 5.00

Programming Languages
C#
7 Feb 2013   Updated: 7 Feb 2013   Rating: 5.00/5    Votes: 2   Popularity: 1.51
Licence: CPOL    Views: 14,450     Bookmarked: 8   Downloaded: 0
It only takes a few minutes to run a ZAP attack scan, which can quite possibly save your firm and you a lot of trouble in the future!

Average reference rating:

No reference articles have been posted.

Average project rating:

No projects have been posted.
Engineer
Canada
I am a Sr Engineer for a major security firm; I have been developing software professionally for 8 years now; I've worked for startups, small companies, large companies, myself, education. Currently the company I work for has 7,000+ employees worldwide. I am responsible for our platform security, I write code, implement features, educate other engineers about security, I perform security reviews, threat modeling, continue to educate myself on the latest software. By night, I actively work to educate other developers about security and security issues. I also founded a local chapter of OWASP which I organize and run.

I cut my teeth developing in C++ and it's still where my heart is with development, lately I've been writing a lot of C# code & some Java, but I do have a project or two coming out in C++/DirectX 11 whenever I get the time.

When I am not developing code I am spending my time with my wife and daughter or I am lost deep in the woods somewhere on a camping trip with friends. If you can't find me with a GPS and a SPOT device then chances are I am on the Rugby pitch playing Rugby and having a great time doing so.


You can find more about me and my thoughts on security