Applied Trust has been producing The Barking Seal for our clients, supporters, and friends since 2003.
One of the greatest features of being consulting IT infrastructure engineers is that we have the opportunity to see, touch, and experience a wide variety of technologies and their successful (and sometimes, not so successful) application. We have the opportunity to solve problems that have never been solved before. And, every once in awhile, we make mistakes that provide good lessons. It's our hope that sharing some of these experiences will better our community as a whole. We hope you enjoy it!!
Apr 01, 2013
I recently had the opportunity to be involved in the planning and implementation of a "capture the flag event" (CTF) for the Front Range OWASP Conference (SnowFROC). If you are unfamiliar with this type of event, it's essentially a web application security competition, where individuals or teams attempt to identify...
continue reading 
Mar 14, 2013
One of the biggest computer security vulnerabilities in the wild today is the cross-site scripting (XSS) vulnerability. This type of vulnerability comes in many different flavors, with varying levels of danger.
Simple attacks can be annoying, such as an alert popping up on the site when someone visits it, or a...
continue reading 
Mar 09, 2013
Last post we talked about what an advanced persistent threat (APT) is, and how it differs from the average web attack. Today I want to talk a little about what APTs mean for us all, and what we can and should be thinking about.
The goal of an APT is to gain entry into an organization of its choosing with a...
continue reading 
Mar 08, 2013
The recent acknowledgements of breaches, plus the release of the Mandiant report, have brought a lot of attention to the idea of nations waging war on the Internet. In addition, it has brought to light to one of the biggest buzzwords in web security right now: advanced persistent threat, or APT. I wanted to talk a...
continue reading 
Feb 15, 2013
If you were watching the State of the Union address last Tuesday night, you may have noticed that President Obama's newly announced executive orders regarding cybersecurity signal an evolution in the government’s stance on the issue.
The importance of cybersecurity has come to light in recent years,
with a 2008...
continue reading 
Feb 11, 2013
Many times when deploying a Drupal site from your development or staging environment to the production environment, there is the desire to clean things up in order to boost security. One thing that should not be forgotten is the users that are allowed to log in to the site. If you have a deployment process whereby...
continue reading 
Sep 07, 2012
We at AppliedTrust believe that fruitful conversations start with strong, interesting speakers. So this past Wednesday night, we were thrilled to host the first “Speaker Social” pre-event of this year’s TEDxBoulder, where three TEDx speakers previewed what they’ll be discussing at the big show, themed “Edges and...
continue reading 
Sep 04, 2012
HAProxy, the opensource load-balancing project, just announced support for SSL! This is a huge improvement, and it represents a great step forward. Previously, the best you could do was to have HAProxy blindly forward the TCP packets without being able to decrypt them, inspect them, or take any actions based on the...
continue reading 
Jun 12, 2012
All of the recent password leaks have gotten me thinking about the current web user’s predicament with passwords. With the influx of web-based services, and with every website offering a login to save your profile and make your experience better, we are in a place where we potentially have many, many passwords to...
continue reading May 28, 2012
Drush is pretty cool, and super powerful. It can allow you to do a number of things to save time in your day, such as creating scripts and writing up aliases, in addition to being used for its more intended purpose, which is managing your Drupal install. One feature that I use quite a bit is the drush uli...
continue reading Pages
