As a security-focused developer, I often get questions from colleagues and readers of this very blog on how to review code and spot vulnerabilities. Many believe this is an incredibly challenging task to complete, and they are quite wrong. While there are some challenging moments to get it to exploitability, it's generally very

Recently, I've been doing a lot of penetration test reports. It's given me lots more insight on forming a better report; my initial reports were subpar at best, now that I've done dozens of them. I thought I'd make this post and share some tricks I've learned along the way, and things to avoid.