Blog | Crash Override

The hackers mural in Amsterdam celebrating Grace Hopper and Alan Turing. True hackers.

Lets kills cheap tacky conference swag

The singularity is coming and we are already seeing people trying to socially engineer AIs rather than historically socially engineering humans.

The data from corporate messaging tools may indicate that developer led adoption isn't the best strategy for the widespread adoption of security tools

Why aren't there more developer tools with security features ?

I recently had a eureka moment that the appsec industry, including myself, haven't totally embraced the devops principle of observability.

We should accept that developers only pay lip service to security

How can we help open-source security projects generate sustainable funding without having to become commercial open-source companies? I have an idea.

Why are the same old appsec issues still a thing in 2023? Maybe its because we are doing the same things over and over hoping they will go away? Maybe.

If we're going to stop the arms race of trying to secure everything against a backdrop of technology proliferation, we have to get back to risk based assessment

It's about time we recognised that appsec has changed and so should the name, and that there is a big part that we may never solve.

This articles shares observations and anecdotes from my life about what makes companies and communities come and what makes them go.