rssed

a collection of dev rss feeds - blogroll

Add a new feed

+

318 feeds

Scott Helme

Posts

Leverage our treasure trove of Threat Intelligence data 🔗

We've been working on CSP Integrity for a little while now, and it was only announced in open beta back in September. Since then, as more of our custo [...]

XSS Ranked #1 Top Threat of 2025 by MITRE and CISA 🔗

Look who's back! After we completed 2024, XSS managed to get itself ranked as the #1 top threat of the year. I wrote about that, and at the end of the [...]

DNS-PERSIST-01; Handling Domain Control Validation in a short-lived certificate World 🔗

This year, we have a new method for Domain Control Validation arriving called DNS-PERSIST-01. It is quite a fundamental change from how we do DCV now, [...]

The European Space Agency got hacked, and now we own the domain used! 🔗

It's not often that two of my interests align so well, but we're talking about space rockets and cyber security! Whilst Magecart and Magecart-style at [...]

Eating Our Own Dogfood: What Running Report URI on Report URI Taught Us 🔗

Dogfooding is often talked about as a best practice, but I don't often see the results of such activities. For all new features introduced on Report U [...]

Blink and you'll miss them: 6-day certificates are here! 🔗

What a great way to start 2026! Let's Encrypt have now made their short-lived certificates available, so you can go and start using them right away. I [...]

What a Year of Solar and Batteries Really Saved Us in 2025 🔗

Throughout 2025, I spoke a few times about our home energy solution, including our grid usage, our solar array and our Tesla Powerwall batteries. Now [...]

Report URI Penetration Test 2025 🔗

Every year, just as we start to put up the Christmas Tree, we have another tradition at Report URI which is to conduct our annual penetration test! � [...]

Report URI - outage update 🔗

This is not a blog post that anybody ever wants to write, but we had some service issues yesterday and now the dust has settled, I wanted to provide a [...]

Integrity Policy - Monitoring and Enforcing the use of SRI 🔗

This has been a long time coming so I'm excited that we now have a working standard in the browser for monitoring and enforcing the use of SRI across [...]

CVE-2025-49844 - The Redis CVSS 10.0 vulnerability and how we responded 🔗

We're very public and open about our infrastructure at Report URI, having written many blog posts about how we process billions of telemetry events ev [...]

Capture JavaScript Integrity Metadata using CSP! 🔗

Today we're announcing the open beta of a brand new and incredibly powerful feature on the Report URI platform, CSP Integrity! Having the ability to c [...]

We're going High Availability with Redis Sentinel! 🔗

We've just deployed some mega updates to our infrastructure at Report URI that will give us much more resilience in the future, allow us to apply upda [...]

Automation improvements after a Tesla Powerwall outage! 🔗

So, a weird thing happened over the last couple of days, and my Tesla Powerwalls weren't working properly, or, at all, actually... What's even more st [...]

OWASP ASVS 5.0.0 is here! 🔗

I've been a huge fan of OWASP for a very long time, having spoken at their conferences, contributed to their projects, consumed many of their resource [...]