SafetyCulture Quality Engineering Meetup

SafetyCulture Quality Engineering Meetup

Jun 22, 2020 | Speaking

I had the great opportunity to speak at SafetyCulture’s inaugural quality engineering Meetup. I was the first speaker of three with the other speakers being Georgia De Pont who heads up quality at Dovetail Studios and Roger Chapman, who is a distinguished...

Building an Engineering Security Culture

Jun 21, 2020 | Podcast, Speaking

https://www.cloudsecuritypodcast.tv/videos/building-an-engineering-security-culture I had the pleasure of being on Ashish Rajan’s Cloud Security Podcast to talk about Building an Engineering Security Culture. We discussed about the following topics: What is...
Your Website Might have an Unknown OSCP Dependency

Your Website Might have an Unknown OSCP Dependency

Mar 12, 2020 | Articles, Posts

A few weeks ago, a friend who looks after a web server had an outage on their website and asked me to help troubleshoot. The cause of the outage surprised me and is the reason why I’m writing about it. The website outage was due to a dependency it had on the server of...

My Thoughts on FAIR

May 15, 2019 | Articles

photo taken from yorkfair.org I recently completed the FAIR analysis fundamentals course and here are my thoughts on it. FAIR stands for Factor Analysis of Information Risk, and is the only international standard quantitative model for information security and...
Rapid Risk Assessments

Rapid Risk Assessments

Oct 12, 2018 | Articles, Posts

That was the main take away for me from today’s talks by SANS instructor Eric Johnson. He was in the country running a workshop and talk at AISA conference in Melbourne and SANS contacted me if I was interested in having him doing a private talk to the team. I was...
Gamified Learning – Application Security

Gamified Learning – Application Security

Oct 10, 2018 | Articles, Posts

Today we had a combined application security event with another tech company.It was the first time we ran the combined event and it involved security champions from both companies. We had planned on spending the morning reviewing 4 security concepts; XSS, CSRF, RCE...
Speaking at Quality Engineering Meetup

Speaking at Quality Engineering Meetup

Oct 9, 2018 | Speaking

Great evening talking about DevSecOps at the Quality Engineering #meetup. The audience was fantastic! Everyone was so engaged and had many great question. I had to rush through towards the end as we went overtime! I had a couple of people who spoke to me after and...
My RSA Singapore 2018 Experience

My RSA Singapore 2018 Experience

Jul 27, 2018 | Speaking

Now Matters. That is the theme for this year’s RSA conference. Now matters, because it drives what’s next. Technology, the pace of development and the sophistication of attackers are better than ever. The average time from disclosure of known vulnerability to publicly...
Trust your CDN but verify with SRI

Trust your CDN but verify with SRI

Jun 15, 2016 | Articles

I attended a Sydney SecTalks meetup last night which talked about the dangers of Content Delivery Networks being compromised (CDNs). Lots of websites source their javascript and css resources from CDNs to improve their website’s performance. Examples of CDNs are...
Featured on UOW Computer Science Page

Featured on UOW Computer Science Page

Feb 28, 2016 | Articles, Posts

I sometimes do a search for my name on the University of Wollongong’s website as you never know what the search results might you. Today I discovered that I’ve been featured on the UOW Computer Science Page. 🙂...