Time for a refresh!

My blog started out as a general tech blog for me to talk about things that interested me but quickly grew towards a focus on security. From its humble beginnings on WordPress to my migration to Ghost and beyond, it has always served me well as an outlet for my interests and abilities. With this visual refresh I'm also starting to link in other aspects of my professional life.

How time flies!

I started my blog 4 years ago and in that time it has grown and evolved tremendously. I'd wanted to start blogging for a while but was hesitant of putting my thoughts and ideas online for all to see and scrutinise. The final nudge came when the company I was working for at the time was plunged into financial difficulties and more than 50% of the workforce was set to be made redundant. I wanted to create an online profile for myself to better demonstrate who I was and what I was capable of. Waiting until I actually needed that online profile was a bit like closing the stable door after the horse had bolted, but, there's no time like the present so I got to work. I drew a lot of inspiration from Troy's first blog on 'Why online identities are smart career moves' and decided to 'just go for it'. 4 years later, here we are. I recently dug out an old MySQL backup of my old blog and brought it to life just to have a look around.

my old blog backup brought to life

Visual refresh

Hopefully everyone has noticed the new theme that I'm now using and that I'm utilising the space a little more. Picking a new theme was actually really hard and I spent a good bit of time browsing around various theme sites. I knew what I wanted but nothing was quite making it 100% of the way there. One thing that I was looking at originally was introducing more images on the site. Ghost has a nice feature image option and some of the theme demos I was looking at were stunning. The problem was that when you take away the stock photos and use photos that I have, it didn't have quite the same effect. To use images in a blog they have to be really good and that means looking for a really good image for every blog I write. I'm not particularly artistic, hence looking for a theme rather than building my own, and finding a good image for each post I write seemed like an extra burden. Not only that but it added weight to pages too. I eventually settled on the theme you see now which I've modified to be exactly what I wanted. Feature images, social widgets, big headers and various other aspects have been chopped out to reduce page size by quite a large amount whilst still retaining the essence of the theme. I have a sidebar now which was something that I definitely wanted so that I could make use of the horizontal space that so many of my visitors have according to Google Analytics. This has allowed me to put my social icons in their own sidebar widget and open up the built in Ghost navigation links to add some pages for me to link to other aspects of the work I'm doing.

my new theme


At the beginning of this year a great opportunity came up for me to start delivering professional training alongside Ivan Ristić through his publishing company Feisty Duck. This has worked out really well and the social aspect of training is something that I really enjoy too. Everything that I publish on my blog is intended to help people better deploy security online so to be able to take that to a whole new level and deliver these training courses is a big personal victory for me. Having now delivered countless courses up and down the UK we're about to start delivering them internationally too. You can find more details on the new Training page of my site!

feisty duck training


I started attending conferences as part of one of my previous job roles and quickly realised how much benefit I got from them. There's a great wealth of technical knowledge to take away from these events but often just as important are the connections I make with the people I meet. Wanting to get more involved in the conference scene I gave my first talk at a local OWASP chapter meet back in 2015 and have become more and more active since then. You can now find details of my speaking engagements on the new Speaking page, linked up at the top, or in the Upcoming Events section in the sidebar. If you just want to see if I'm attending an event near you or to contact me about speaking at your event then please feel free to take a look.

my talk at bsides manchester 2016


I've often featured in the media both nationally and internationally for security research that I've published but I've also done independent verification for news outlets on major stories and provided comments and input on current topics relating to security. The Media page lists a few of the publications I've featured in or done work for and also contains a link to my media archive. If you'd like to get in touch with me regarding a story please use the details on the Contact page.

some media logos


I've played with the idea of advertising on and off for a long time on my blog. I definitely don't want anything annoying or invasive but I do feel that there is room for a subtle banner or box somewhere that generates a little bit of revenue to help me cover some of the costs involved in hosting this site and others. One of my biggest gripes with the current advertising model on the Internet is that no one has set fire to it yet. You get huge penalties for loading what are often numerous assets, they completely trash your CSP and have often been used as vectors to spread malware and do other nasty things like track people. Such is the reason that ad-blockers have become so prolific. No more! Much like I recently announced that securityheaders.io now has a sponsor I'm also taking a similar approach on my blog. Instead of including 3rd party ad providers and all of the negatives that come with them, I'm now self hosting adverts for those who wish to advertise on my site. The new banner that you see down at the bottom is now provided by TrackJS, the first company to take part, but crucially, is hosted by me. This means I'm in full control of what is included on my site and nothing bad like anything mentioned above will happen to my users. Because it's nice and friendly it shouldn't be blocked by most ad blockers but it'd be awesome if you could whitelist my site anyway and help to support it. I promise that I won't do anything bad with my new found power!

I hope you enjoy my new blog and some of things I have planned in the coming weeks and months, there're some nice blogs that I'm looking forward to publishing!

Author image
About Scott
Researcher, blogger and international speaker. I'm the creator of report-uri.io and securityheaders.io, free tools to help improve online security.