Here are some of my most recent posts that you may have missed:
- Mythbusting: Static Analysis Software Testing – 100% Code Coverage
- PROTIP: Security as a Differentiator
- PROTIP: Publish Security Scoreboards Internally
- Recent SQL Injection Hacks – Things You Should Know
- If You Want to Improve Something, Measure It
- An Incident Is a Terrible Thing to Waste (even those of others)
- (CYA) Cover Your Applications – All of Them
- The Necessity of Compliance Alone Is Insufficient for Justifying Security Investment
- Theory: Google will open source their Web server — or should
- Are 20% of developers responsible for 80% of the vulnerabilities?

I'll continue posting here, only at a much lower volume, and exclusively about personal things like my adventures in Brazilian Jiu-Jitsu.