oAuth nightmares talk

/
Two of my co workers have presented at HackMiami on flaws people implement in their oauth implementations. The talk summary is below "OAuth is one of the most popular authorization frameworks in use today. All major platforms such as Google, Facebook, Box etc support it and you are probably thinking ... Read More

Extensive IOS hacking guide released by Security Innovation

Security Innovation has published a very extensive guide to IOS hacking that's worth checking out. Here's the table of contents 1. Setting Up iOS Pentest Lab.................. 5 1.1 Get an iOS Device...................5 1.2 Jailbreaking an iOS Device.................. 7 1.3 Installing Required Software and Utilities .................. 10 2. Acquiring iOS Binaries ... Read More

Presentation: Problems you’ll face when building a software security program

/ / Announcements, Rant, research, SDL, Vulns
A video for a talk I gave at LASCON last year made it online that some folks may find interesting. I rarely give public talks, but felt this information would have been useful to learn earlier in my career. Basically it goes through problems I've had to deal with building ... Read More