1. 2018

  2. Known unknowns - zero-days in the wild
  3. The mysterious case of (deny dynamic-code-generation)
  4. 2017

  5. A vulnerability by any other name
  6. Response to Deputy Attorney General Rosenstein's remarks on Encryption
  7. Surviving Apache Struts CVE-2017-5638
  8. Categorizing Security Engineering Work
  9. Forward secrecy is the most important thing
  10. Introduction to Certificate Transparency for Server Operators
  11. A year of tracking my HTTP requests
  12. SHA1 and Richard Feynman