Tag: WordPress Security With Confidence

David Explains the OWASP Top Ten

While writing WordPress Security with Confidence last year, I spent a lot of time waiting for the latest revision of the OWASP Top Ten, the 2017 version. They ended up taking too much too long to publish, and I made the course focusing on the 2013 version, which was the most-recent-finalized iteration at the time the course went live. I don’t regret that choice, but I wanted to make sure I was well acquainted with the 2017 iteration.







Security Through Obscurity is Not Security At All

A broken bike lock – a symbol of security through obscurity

What counts as security, and how you make sure that you’re secure are both big and complicated topics. But, the complication of them is worsened when people mistake useless task-creation for actual benefit. “Security theater” has been an ever more common term used to characterize practices that look like they improve security but don’t really do much of anything at all.