Security Musings

Things our people say

What is cyber security?

Andrew looks at the origins of one of the key terms in our industry, and questions whether it's really the one we should be using.

Read more
Andrew Bycroft | October 5, 2021

Application threat modelling

Prashanth gives an overview of threat modelling and the application of a secure-by-design principle to software development.

Read more
Prashanth B.P. | August 23, 2021

An introduction to Open ID Connect (OIDC)

Practical guidance for working with OIDC.

Read more
Michael Pearn | August 13, 2021

Cloud to Cloud User and Group Provisioning: A Case Study comparing Azure and Okta

Michael provides a real-world comparison of provisioning to Google Workspace using two of the most common cloud identity management platforms.

Read more
Michael Pearn | July 29, 2021

Quick and easy attack surface reduction - 2020 style

A couple of years down the track, Jason revisits attack surface reduction and explores a different approach using an AWS application load balancer and OIDC.

Read more
Jason Wood | August 18, 2020

Securing access to your Imperva cloud WAF with Okta

Having set up a basic WAF configuration, Adrian now steps through enabling SAML (and MFA) for WAF administration.

Read more
Adrian Bole | June 06, 2020

Protecting your website with Imperva Cloud WAF

Adrian provides the first of two posts discussing the configuration of Imperva Cloud WAF.

Read more
Adrian Bole | May 11, 2020

DNS security (part 1)

Reece talks about some of the security challenges with DNS.

Read more
Reece Payne | November 23, 2019

Fortian CyberCon 2019 challenge reflection (Part 2)

The second of Jake's posts on how he built the Fortian technical challenge for CyberCon 2019

Read more
Jake Astles | October 27, 2019

Fortian CyberCon 2019 challenge reflection (Part 1)

Jake gives us the first of two posts on how he built the Fortian technical challenge for CyberCon 2019

Read more
Jake Astles | October 16, 2019

The value of security architecture

Chiko revisits the basics of security architecture: what is it, why do we do it and what are the benefits?

Read more
Chikonga Maimbo | August 1, 2019

Information wants to be free

Simon provides an update on some work we've been doing on Open Banking and the Consumer Data Right.

Read more
Simon Ellis | July 18, 2019

Don't trust those crafty users

Reece gets into the challenges of actually having users use your web application.

Read more
Reece Payne | November 23, 2018

AISA CyberCon 2018

Marcus gives a bit of information about our attendance at this year's CyberCon.

Read more
Marcus Wong | Oct 09, 2018

Apache reverse proxy with SAML and Azure AD

Jason walks through setting up a quick and easy reverse proxy authenticating using SAML.

Read more
Jason Wood | June 29, 2018

Getting logs out of Azure AD

Reece shows you how to get some interesting logging info out of Azure AD.

Read more
Reece Payne | June 12, 2018

Security, privacy and the 2018 budget

Marcus provides a brief update on information relevant to cyber security in the 2018 federal budget.

Read more
Marcus Wong | May 11, 2018