Scott Helme

Free Post

hack

Yahoo! The largest breach in history

The Yahoo! breach has been getting quite a lot of coverage in the press today so I thought I'd put together a quick bit of information for those...

Free Post

report-uri.io

Introducing sensible limits to report-uri.io

I've continued to see an incredible amount of growth for report-uri.io [https://report-uri.io] and it is still exceeding all of my expectations. So that I can...

Free Post

TLS

The encrypted web is coming!

Now, more than ever, we are seeing a huge drive towards encryption on the web. In fact, encryption is now being adopted at a rate never before seen. Here are...

Free Post

new blog

Time for a refresh!

My blog started out as a general tech blog for me to talk about things that interested me but quickly grew towards a focus on security. From its humble beginnings...

Free Post

securityheaders.io

securityheaders.io updates!

Every month I'm really happy to see securityheaders.io continuing to attract new users, get great feedback and be used and talked about more and more widely. With...

Free Post

CSP

Just how much traffic can you generate using CSP?

The ability to send reports about violations of your CSP is a fantastic feature and allows you to monitor all kinds of issues on your site in real time. There...

Free Post

CSP

Using security features to do bad things

We have quite a few security features at our disposal to help us better protect our websites and our visitors. I talk about them a lot on my blog and...

Free Post

HSTS

Death by copy/paste

I was writing up an article about using security features for bad things and I stumbled across something interesting. I found what turned out to be sites having used copy/...

Free Post

2FA

Keep cyber criminals at bay, use 2FA!

One of the easiest ways to better protect your online accounts is using something called 2FA, or 2 Factor Authentication. Don't worry, it's not difficult to...

Free Post

CDN

Should CDNs tighten up their security?

I was doing some work on securityheaders.io [https://securityheaders.io] the other day and I noticed something about the CDN that I use for some of my assets. They...