Posts Tagged ‘Web And Information Security’
WordPress Website Security: WordSesh 2013
Here is an online presentation I gave at WordSesh 2013. Always weird when you give an online presentation, unable to gauge the crowd and respond accordingly. Look forward to your feedback.
WordCamp Miami 2013: WordPress Website Security
I’ll be in Miami this weekend, for WordCamp Miami 2013, giving a new, updated talk on Website Security. Come by and say hi if you’re around — if you’re not, no problem, I’ve included my slides below in this post for your reference. My talk is titled Staying of the Website Threats and Becoming One…
OSSEC For Website Security: Part I
OSSEC HIDS is my preferred host-based intrusion detection system (HIDS). I have to admit I am a bit partial to it because my good friend Daniel Cid built it and sold it to Trend Micro / Third Brigade back in 2008. I have what many don’t have, that’s the ability to pester Daniel until he…
Protect Your Website Vulnerabilities With a WAF: New Comparison Report: CloudFlare vs Incapsula vs ModSecurity
A new report came out in February, put together by Zero Science Lab, in which they compare the effectiveness between CloudFlare and Incapsula. In it they did the same thing Philip Tibom of Sweden did last year in his comparative report in which he concluded that Incapsula was the superior product. In this new report…
Security Implications of WordPress in The Enterprise
My Chileno brother from another mother, Chris Lema, put out a great guest post on WPEngine yesterday talking about WordPress and the Enterprise. He talks to the how and why of its emergence in the enterprise scene, but in the process makes a number of statements that very clearly explain the challenges we face as…
Web Application Vulnerability Scanners: W3AF – 12.10 xUbuntu Installation
I have been interested in the Web Application Attack and Audit Framework (W3AF) since I first heard about it last summer, 2012. It was unfortunately not the most straightforward installation, it contains a number of dependencies and not something I was willing to invest into. I was also a bit more novice than I…