rssed

a collection of dev rss feeds - blogroll


Scott Helme

Posts

Google update their Minimum Viable Secure Product 🔗

Back in 2021, Google launched, alongside other organisations, a new security baseline for products known as the Minimum Viable Secure Product. Now, 2 [...]

Report URI Penetration Test 2023 🔗

It's that time of year again at Report URI, right before we start getting festive, that we have our annual penetration test and 2023 is going to be ou [...]

Report URI: A week in numbers! (2023 edition) 🔗

I simply can't believe that Report URI has now processed 1,500,000,000,000+ reports, which is unreal! That's over one trillion, five hundred billion r [...]

A Balanced Approach: New Security Headers Grading Criteria 🔗

The Security Headers grading criteria is something that doesn't change often, but when it does, there's a good reason behind the change. In this blog, [...]

What the QWAC?! 🔗

Almost 2 years on from the last time I wrote about QWACs, I'm sadly not here to tell you that things have gone well since then. In fact, I'm actually [...]

Holiday fun with my UniFi G4 Doorbell Pro! 🔗

I love having smart devices around my house, and every now and then, you can have a little bit of fun with them too! Here's what it currently looks li [...]

Sockets - Under The Hood: Understanding Truncated Request Behaviour 🔗

I'm thoroughly pleased to be able to say that I finally understand the issue that's been bothering me on Report URI for a few weeks now, and this is t [...]

Processing Truncated Requests? A PHP Debugging Deep Dive 🔗

In my previous blog post, I came across a bug in Report URI that took some effort to debug and fully understand before I could fix it. Whilst I'd iden [...]

Unravelling The Mystery Of Truncated POST Requests On Report URI 🔗

This blog post is going to detail what was a pretty lengthy journey for me in debugging an elusive issue that started to occur on Report URI recently! [...]

Do breached sites take security seriously? 🔗

Over the weekend, I saw a tweet from Troy Hunt who posed a little project idea. Having heaps of spare time... I thought I'd take on the challenge and [...]

Celebrating 250,000,000 scans on Security Headers! 🥳🎉 🔗

As I sit and write this blog post I still find it absolutely unreal how far this little idea, that I had all of those years ago, has come! Let's take [...]

Cryptographic Agility Part 1: Server Certificates 🔗

We've encountered a lot of problems of our own making in the TLS/PKI ecosystem in recent years, and whilst we've got better at dealing with them and e [...]

Security Headers is joining Probely! 🎉 🔗

I'm super excited to be making this announcement for a whole bunch of reasons that I'll go into in detail below, but, the headline is that Security He [...]

Overriding HTTP Response Headers in Chrome Dev Tools 🔗

There's a new feature in Chrome Dev Tools that's going to make it easier than ever to get started with Security Headers like Content Security Policy! [...]

Goodbye, old friend 👋🔒 🔗

It's been a really long time coming, but, the end is finally here for the padlock icon in the address bar! 🔒🚫 A Long Road Wow, where do I start?! W [...]