Scott Helme (Page 26)

Why my blog is Creative Commons licensed

I've had a fairly interesting conversation a couple of times about why I chose to license my blog under a Creative Commons license and particularly why I allowed...

Analysing massive traffic volumes on report-uri.io

Free Post

Incapsula

Analysing massive traffic volumes on report-uri.io

After the two year birthday of report-uri.io I wanted to take a look at where the service is and just how much work it's doing on a...

Free Post

charger

How I almost burnt my hotel down with a 'genuine' MacBook Pro charger

I've had my trusty MacBook Pro (mid-2009) for many years now and the original charger was starting to show its age. I wanted to replace it and bought...

Designing a new Security Header: Expect-Staple

Free Post

OCSP Stapling

Designing a new Security Header: Expect-Staple

I've talked about OCSP Stapling in the past and more recently about the new Must-Staple flag you can set in your certificates, but there's a bit...

Free Post

nomx

nomx: The world's most secure communications protocol

I was recently invited to take part in some research by BBC Click [http://www.bbc.co.uk/programmes/n13xtmd5], alongside Professor Alan Woodward [https://twitter.com/ProfWoodward], to analyse...

Free Post

report-uri.io

Imperva Incapsula are now supporting report-uri.io

With a constantly increasing traffic load to contend with, report-uri.io needs some support. Fortunately for us some help came from Imperva Incapsula who are now protecting report-uri.io with...

Free Post

HTTPS

Certificate Authority Authorization

CAA is a new mechanism that will allow site owners to specify which Certificate Authorities are authorised to issue certificates for their domain name. It's a simple DNS record so setup is a breeze and SSL Labs is now checking for it,...

Free Post

crawl

Publishing my daily crawler data for wider analysis

I've been running crawls of the Alexa Top 1 Million and publishing results every 6 months for the last 2 years. As promised I'm now opening...

Free Post

Certificate Transparency

A new security header: Expect-CT

With the October 2017 deadline approaching for compliance with Chrome's Certificate Transparency policy, sites can use the new Expect-CT header to determine if they're ready. It&...

Free Post

CSP

CSP reports now indicate their disposition!

Up until now we've had to rely on GET parameters to identify whether CSP reports were enforced or sent as part of a report-only policy. This added friction...

Scott Helme

Hi, I'm Scott Helme, a Security Researcher, Entrepreneur and International Speaker. I'm the creator of Report URI and Security Headers, and I deliver world renowned training on Hacking and Encryption.

Why my blog is Creative Commons licensed

Analysing massive traffic volumes on report-uri.io

How I almost burnt my hotel down with a 'genuine' MacBook Pro charger

Designing a new Security Header: Expect-Staple

nomx: The world's most secure communications protocol

Imperva Incapsula are now supporting report-uri.io

Certificate Authority Authorization

Publishing my daily crawler data for wider analysis

A new security header: Expect-CT

CSP reports now indicate their disposition!

Upcoming Events

Cheat Sheets

Projects

Upcoming Events

Cheat Sheets

Projects

Follow