The Armored Code
A blog talking about offensive and defensive security and how to craft software in a secure way
Creating awereness on an hostile environment
With a colleague we were wondering about how much difficult is to create an application security awareness climate in big corporate development team. Please bear in mind that since I’m...
12 Mar 2013
Ruby on Rails cheatsheet: the review
Jim Manico is a friend and a rinomated security professional. He announced in Owasp mailing list that a Ruby on Rails cheatsheet is available.
05 Mar 2013
Exploiting SSH weak passwords the ruby way
Even before starting writing complex input filters to manage your users’ input, you must care about the password you use on your servers. If they are poor, no application security...
15 Feb 2013
Is Vulnerability Management a buzz word?
Some days ago, on a Facebook.com group about Italian startups, a smart guy said he had a breakthrough product he is going to develop: a cloud based solution to store...
23 Jan 2013
Defending yourself is not a crime
When I wrote last week post incipt, I wasn’t aware I was going to make a prophecy about 2013 and application security.
11 Jan 2013
CVE-2012-5664: Sql Injection on Rails... again
2013 is well promising for application security. Two days ago Aaron Patterson, a rails core member announced a SQL Injection vulnerability for ActiveRecord ORM included in Rails framework.
04 Jan 2013
Never miss a
from us, subscribe to our newsletter