October, 2008

  • Concurrency Attacks in Web Applications

    Hello, This is Scott Stender and Alex Vidergar from iSEC Partners, and our topic for BlueHat is Concurrency Attacks in Web Applications. Database administrators, computer architects, and operating system designers have spent decades solving the problems...
  • State of the Union

    I spent a lot of time trying to think about what to write for a BlueHat pre-conference blog entry and had a pretty hard time focusing on one topic. To handle this, I decided to comment on the state of security. While I've found plenty of things to...
  • Visualizing Software Security

    Working to find bugs in the software security industry is much like prospecting for natural resources. An engineer takes a high level view of an unknown piece of territory to determine the lay of the land and narrow down the geography into a few key locations...
  • BlueHat Special, Aisle 8…

    Handle: C-Lizzle IRL: Celene Temkin Rank: BlueHat Project Manager Likes: Culinary warfare, BlueHat hackers and responsible disclosure Dislikes: Acts of hubris, MySpace, orange mocha Frappaccinos! Hopefully by now you’ve seen the lead...
  • Black Hat Follow Up: Answering the Hard Questions

    Handle: Silver Surfer IRL: Mike Reavey Rank: Director, MSRC Likes: Warm weather, Battlestar Galactica, and responsibly reported vulnerabilities Dislikes: Rain, Rain without end, Clouds with potential for rain, reality TV, and unpatched vulns...
  • MS08-067: Example of Need for Increased Collaboration

    Handle: Cap'n Steve IRL: Steve Adegbite Rank: Senior Security Program Manager Lead Likes: Reverse Engineering an obscene amount of code and ripping it up on a snowboard Dislikes: Not much but if you hear me growl…run You've probably...
  • Observations from the EcoStrat-isphere

    Handle: Security Blanki IRL: Sarah Blankinship Rank: Senior Security Strategist Lead Likes: Vuln wrangling, teams of rivals, global climate change - the hotter the better Dislikes: Slack jawed gawkers (girls are geeks too!), customers @ risk...