Information Security

A short piece about the term “Information Security best practice, and how it’s harming our industry.

October 04, 2023 3 min

A rant about running vulnerability management programmes that work.

Feburary 27, 2023 3 min

A rant about running vulnerability management programmes that work.

June 07, 2022 14 min

How Information Security Risk Management can practically and significantly improve the security posture of your organisation.

Dec 31, 2021 16 min

Planned Posts

Title	Description
Microservice architecture isn’t a panacea	A pragmatic look at the pros and cons of different architectural patterns
Malware Analysis Intro	My first impressions of getting into malware analysis and reverse engineering

Virus Exchange Underground, the largest collection of malware source code, samples, and papers on the internet.

A great and exhaustive list of all things infosec. have an explore and find some treasure.

A good list of security newsletters. Some better than others. Personally, I really like Ollie Whitehouse’s ‘Bluepurple Pulse’, Clint Gibler’s ‘tl;dr sec’ newsletter and Zack Whittaker’s ‘This Week in Security’.

An open source threat intelligence feed and threat data platform that allows security researchers to investigate new threats.

An free & full-featured network, system/server and application vulnerability scanner.

An open-source phishing framework that makes it easy to test your organization’s exposure to phishing.

Snyk is a developer friendly tool that tests for vulnerabilities in code, open source dependencies, container images and infrastructure as code configurations.