Posts

All the articles I've posted.

• Strategies for Writing Useful Tests

  Published:May 11, 2016 |  at 06:54 AM

  I used to hate writing tests—they felt like a waste of time, took forever to run, and broke constantly. Now I actually enjoy it. Here are the strategies that transformed my approach to testing from dread to delight.

• How to Land the Right Tech Job for You

  Published:Jan 21, 2016 |  at 12:45 PM

  Job hunting can feel like shopping for a new car—exciting at first, then intimidating and hopeless. Having been both a candidate and an interviewer, I've put together this comprehensive guide to help you navigate the process and land the right tech job.

• How to Prepare for Talks

  Published:Nov 1, 2015 |  at 02:09 PM

  Preparing for a technical talk can feel overwhelming, but I've learned something new every time I've given one. This 11-step process covers everything from choosing a topic to handling Q&A, helping you go from idea to presentation.

• Answers to Django Security Questions

  Published:Oct 16, 2015 |  at 06:56 AM

  I found a list of Django security questions but couldn't find clear answers anywhere. So I dug in and wrote them myself, covering everything from CSRF and SQL injection to password hashing and mass assignment.

• Using Bandit in the Field

  Published:Sep 25, 2015 |  at 03:17 PM

  After talking about Bandit, I wanted to see how it actually performed in the real world. This post shares my experience using Bandit to find vulnerabilities in Python projects and practical tips for integrating it into your workflow.

• Finding Vulnerabilities with Bandit

  Published:Sep 24, 2015 |  at 03:37 PM

  Python's dynamic nature makes it hard to catch security vulnerabilities statically. Bandit scans your Python code for common security issues. Learn how to use it to find problems before they reach production.

• 10 Software Talks to Listen to on Your Way to Work

  Published:Sep 10, 2015 |  at 03:17 PM

  I felt like I didn't know enough as a developer, so I started listening to conference talks on my commute. Here are ten of my favorites that genuinely changed how I think about building software.

• Dangerous Python Functions, Part 2

  Published:Aug 15, 2015 |  at 02:33 PM

  In part 2 of my dangerous Python functions series, I cover more risky functions like pickle.loads(), yaml.load(), and tempfile.mktemp(). These can lead to code execution, deserialization attacks, and race conditions.

• Dangerous Python Functions

  Published:Jul 26, 2015 |  at 02:33 PM

  Python's dynamic nature can lead to subtle bugs that are hard to catch. I've created a deck of cards highlighting dangerous Python functions like eval(), exec(), and input() that can cause security vulnerabilities or unexpected behavior.

• The Sunglasses Scam

  Published:Jul 14, 2015 |  at 02:09 PM

  I got banned from Ragnarok Online for "scamming" players with sunglasses. This bizarre experience taught me about cognitive biases and anchoring effects, drawing lessons from Daniel Kahneman's "Thinking, Fast and Slow."