Whole Foods Elitism | Daniel Miessler
I like the way Whole Foods makes me feel, but I don’t like the fact that it makes me feel that way. It reeks of…
Category: Mix
A Crazy Idea Regarding the Obama Administration and Security
I have a wicked crazy idea. What if we in the information security community were to organize a campaign to get level-headed, rational thinkers into…
Entering the “Cloud Security” Fray
I’ve not spent a lot of time thinking about this, but here’s how the CloudSec variables move in my mind. The current state of Security…
Microsoft’s Best Kept Secret For IT Professionals
On the desk next to me sits full, legal copies of the following Microsoft software: Windows Server 2008 Windows Small Business Server 2008 Microsoft SQL…
My Idea For A True Content Aggregation Service
I’ve been struggling with a problem for a while now. The problem is how to properly display on my site everything online that I create…
Personal Daemons and Wuffie | Daniel Miessler
Everyone knows the future of technology lies with the individual. One of the ways this will come about is through something I’ve been thinking about…
The GIAC GSE: The Grandmaster of Information Security Certifications
For anyone interested in Information Security certifications, the GIAC GSE one to keep on your mental radar. It’s a SANS certification (GIAC), but the trick…
A Few Buddhist Ideas
The greatest achievement is selflessness. The greatest worth is self-mastery. The greatest quality is seeking to serve others. The greatest precept is continual awareness. The…
Meeting NIST API Security Guidelines with Wallarm
On March 25, 2025, NIST released the initial public draft of NIST SP 800-228, “Guidelines for API Protection for Cloud-Native Systems.” The document provides a…
Contemplating Confirmation Bias | Daniel Miessler
Image from weber.edu As I sit here at my allergist waiting on the all-clear after my shots, I’m thinking about something that’s been bothering me…
You asked, we answered: Q&A from The Future of AppSec webinar | Blog
Tom Ryder | 10 April 2025 at 14:33 UTC When we wrapped up our biggest-ever webinar, The Future of AppSec: PortSwigger’s Vision, the conversation was…
How Does One Explain SQL Injection to a Non-Techie?
Earlier today @mubix (Twitter) asked: Here’s my response: SQL Injection is like a telephone operator who has to phonetically relay verbal speech between two people…