All Stories

When the vulnerability is not the vulnerability itself

In an ideal world, all projects have good management. Projects need strong decisions and a clear plan that enables people to build something; this is true for a bridge,...

Create a bot engine in Ruby: the botolo project

There are a lot of tutorials for creating bots in several programming languages and for a lot of web applications.

The OWASP European Tour 2013 hits Italy: 27-28 June 2013

OWASP started an awareness tour this summer in the most important cities across Europe.

Do you trust your vulnerability assessment?

Web applications rely on servers to deliver services to users. You read this blog and you take your web application security very seriously. Maybe you also have web application...

Codesake Dawn: the new security source code scanner for ruby

Prologue: It was a dark and stormy night back in 2006 when I started the OWASP Orizon project, to which I dedicated an ad hoc story on this blog back in...

Railsberry chronicles: day 2 - The English penetration test (eventually the day I talk to 450+ outstanding developers)

Finally, the day I gave the talk has arrived and gone. Going on stage in front of more than 450 talented developers was an astonishing experience. It drove me...