Author

Phillip Maddux

Your friendly neighborhood AppSec advisor and honeypot enthusiast. Formerly @ Goldman Sachs and Ernst & Young. Find his thoughts in code form committed to Github.

The Trending Target of Crypto Miners: Your Web Application

At the beginning of every year, the media covering cyber security is hot on predictions for the comi...

Phillip Maddux January 25, 2018

0 to 100 mph: Accelerating Visibility for Application Security

In a drag race, how quickly you get off the line sets the tone for the race. From there it is all ab...

Phillip Maddux July 21, 2017

How to get started with PaaS in Heroku, IBM Bluemix, and Pivotal

If you work in Information Technology, there is no doubt you are well aware of the shift to the clou...

Phillip Maddux May 24, 2017

Considering RASP and Modern Application Security Defense

Are you considering RASP? Certainly many enterprises large and small are so you aren’t alone. Having...

Phillip Maddux April 25, 2017

System Clock Skewed? Read this Post, Especially if You Don’t Have Time

“Time keeps on slippin’ slippin’ slippin’, into the future” -“Fly Like An Eagle”, The Steve Miller B...

Phillip Maddux March 29, 2017

Listening To Web Attacks

There are numerous ways to monitor attack and anomaly activity with Signal Sciences. Integrating wit...

Phillip Maddux January 13, 2017

Sharing Threat Information with HoneyDB

Running honeypots to collect information is great. Running honeypots to collect and share informatio...

Phillip Maddux November 3, 2016

Getting Started With HoneyPy — Part 3

In my last post, Getting Started With HoneyPy — Part 2, I covered honeypot services and HoneyPy’s se...

Phillip Maddux October 27, 2016

Getting Started With HoneyPy — Part 2

source In my last post, Getting Started With HoneyPy — Part 1, I covered getting HoneyPy up and runn...

Phillip Maddux October 20, 2016

Getting Started With HoneyPy — Part 1

In my last post, Introduction to HoneyPy & HoneyDB, I covered the basics of honeypots and provided a...

Phillip Maddux October 11, 2016

Hacking the Hard Way at the DerbyCon CTF

DerbyCon in Louisville is one of those conferences that you have to go back to every year. While the...

Phillip Maddux October 3, 2016

Introduction to HoneyPy & HoneyDB

Last week, I discussed HoneyPy and HoneyDB at Blackhat and Defcon. This week I wanted to dive a bit ...

Phillip Maddux September 1, 2016

HoneyPy at Arsenal and Demo Labs

At this year’s Black Hat & Def Con there were a few firsts for me, and it was probably one of the be...

Phillip Maddux August 23, 2016