| | Mitigating a HTTP GET DoS Attack (2014) (scotthelme.co.uk) |
| 1 point by DamonHD on Oct 1, 2017 | past |
|
| | The Adobe Hack (scotthelme.co.uk) |
| 1 point by tosh on Aug 31, 2017 | past |
|
| | I'm giving up on HPKP (scotthelme.co.uk) |
| 127 points by el_duderino on Aug 24, 2017 | past | 71 comments |
|
| | Revocation is broken (scotthelme.co.uk) |
| 2 points by waits on July 4, 2017 | past |
|
| | Using security features to do bad things (scotthelme.co.uk) |
| 2 points by jwilk on May 16, 2017 | past |
|
| | Designing a New Security Header: Expect-Staple (scotthelme.co.uk) |
| 1 point by dm on May 8, 2017 | past |
|
| | An analysis of the Nomx secure communications device (scotthelme.co.uk) |
| 379 points by stevekemp on April 27, 2017 | past | 70 comments |
|
| | “/* should we even bother? */” nomx: The world's most secure communications (scotthelme.co.uk) |
| 15 points by aidantwoods on April 26, 2017 | past | 1 comment |
|
| | Certificate Authority Authorization (scotthelme.co.uk) |
| 1 point by perlgeek on April 11, 2017 | past |
|
| | A new security header: Expect-CT (scotthelme.co.uk) |
| 2 points by d2p on March 31, 2017 | past |
|
| | Let's Encrypt are enabling the bad guys, and why they should (scotthelme.co.uk) |
| 3 points by _jomo on March 6, 2017 | past |
|
| | Alexa Top 1M Analysis – Feb 2017 (scotthelme.co.uk) |
| 1 point by r721 on Feb 27, 2017 | past |
|
| | Cross-Site Request Forgery is dead (scotthelme.co.uk) |
| 320 points by edward on Feb 20, 2017 | past | 76 comments |
|
| | Bug bounties and extortion (scotthelme.co.uk) |
| 4 points by svenfaw on Feb 10, 2017 | past |
|
| | Still think you don't need HTTPS? (scotthelme.co.uk) |
| 3 points by kissgyorgy on Oct 9, 2016 | past |
|
| | Using HKPK/HSTS security features to do bad things (scotthelme.co.uk) |
| 4 points by DyslexicAtheist on Aug 15, 2016 | past |
|
| | Death by HSTS preload copy/paste (scotthelme.co.uk) |
| 7 points by carey on Aug 11, 2016 | past | 1 comment |
|
| | Alexa Top 1M Crawl – August 2016 (scotthelme.co.uk) |
| 2 points by fmavituna on Aug 10, 2016 | past |
|
| | Still think you don't need HTTPS? (scotthelme.co.uk) |
| 4 points by glenscott1 on March 28, 2016 | past |
|
| | The vulnerable web API for my Nissan Leaf (scotthelme.co.uk) |
| 2 points by tagawa on Feb 26, 2016 | past |
|
| | The SecurityHeaders.io Chrome Extension (scotthelme.co.uk) |
| 1 point by Scott_Helme_ on Feb 20, 2016 | past |
|
| | Security headers in the Alexa Top 1M (scotthelme.co.uk) |
| 3 points by fmavituna on Feb 16, 2016 | past |
|
| | Security headers in the Alexa Top 1M (scotthelme.co.uk) |
| 2 points by Scott_Helme_ on Feb 15, 2016 | past |
|
| | Let's Encrypt Smart Renew (scotthelme.co.uk) |
| 3 points by Scott_Helme_ on Feb 11, 2016 | past |
|
| | Securityheaders.io update (scotthelme.co.uk) |
| 4 points by cujanovic on Feb 11, 2016 | past |
|
| | Getting started with Let's Encrypt (scotthelme.co.uk) |
| 6 points by cujanovic on Feb 8, 2016 | past | 1 comment |
|
| | How widely used are security-based HTTP response headers? (scotthelme.co.uk) |
| 116 points by bikeshack on Aug 30, 2015 | past | 34 comments |
|
| | How widely used are security based HTTP response headers? (scotthelme.co.uk) |
| 3 points by kevinbowman on Aug 17, 2015 | past |
|
| | How widely used are security based HTTP response headers? (scotthelme.co.uk) |
| 2 points by nly on Aug 12, 2015 | past |
|
| | Advanced Session Hijacking (scotthelme.co.uk) |
| 16 points by colund on Jan 30, 2015 | past | 5 comments |
|
|
| More |
