Phillip Maddux

Your friendly neighborhood AppSec advisor and honeypot enthusiast. Formerly @ Goldman Sachs and Ernst & Young. Find his thoughts in code form committed to Github.

Testing CVE Mitigation in Web Apps


Phillip Maddux May 3, 2019

Dear RASP: We Need to Talk About the Friction in Our Relationship

Phillip Maddux November 6, 2018

Listening to Web Attacks Remixed!

Early last year I published a fun tool called sigsci-sounds for users of Signal Sciences — my prior ...

Phillip Maddux September 26, 2018

Aggregate Availability Check with Signal Sciences Data

Phillip Maddux September 11, 2018

Auditing Signal Sciences Configuration

Signal Sciences offers tremendous capabilities to defend web applications. I’m not talking just abou...

Phillip Maddux August 29, 2018

Proactive Update Around the Health of your Signal Sciences Deployment

Signal Sciences Agent Monitoring In your efforts to defend your network and applications, deploying ...

Phillip Maddux July 25, 2018

Capturing Request Logs From Signal Sciences

Logs are important. We need them to investigate, monitor, and analyze. In cybersecurity we have many...

Phillip Maddux July 17, 2018

The Trending Target of Crypto Miners: Your Web Application

At the beginning of every year, the media covering cyber security is hot on predictions for the comi...

Phillip Maddux January 25, 2018

0 to 100 mph: Accelerating Visibility for Application Security

In a drag race, how quickly you get off the line sets the tone for the race. From there it is all ab...

Phillip Maddux July 21, 2017

How to get started with PaaS in Heroku, IBM Bluemix, and Pivotal

If you work in Information Technology, there is no doubt you are well aware of the shift to the clou...

Phillip Maddux May 24, 2017

Considering RASP and Modern Application Security Defense

Are you considering RASP? Certainly many enterprises large and small are so you aren’t alone. Having...

Phillip Maddux April 25, 2017

System Clock Skewed? Read this Post, Especially if You Don’t Have Time

“Time keeps on slippin’ slippin’ slippin’, into the future” -“Fly Like An Eagle”, The Steve Miller B...

Phillip Maddux March 29, 2017

Listening To Web Attacks

Note: this tool has been updated from the details below. Read the updated 2018 information on sigsci...

Phillip Maddux January 13, 2017