Russ McRee

Russ McRee is a senior security analyst, researcher, and founder of holisticinfosec.org, where he advocates a holistic approach to the practice of information assurance. He is also a security researcher for InfoSec Institute.

His predominant focuses are incident response and web application security; he does both as team leader of Microsoft Online Service’s Security Incident Management team.

Russ speaks and writes frequently on information security topics; including toolsmith, a monthly column for the ISSA Journal.

IBM's ISS X-Force cited him as the 6th ranked Top Vulnerability Discoverers of 2009.

OWASP Top 10 Deeper Dive – A8: Failure to Restrict URL Access
By Russ McRee on June 8, 2011
- Access Control
OWASP Top 10 Deeper Dive – A5: Cross-Site Request Forgery (CSRF)
By Russ McRee on April 21, 2011
OWASP Top 10 Tools and Tactics
By Russ McRee on March 21, 2011
Security Incident Response Testing To Meet Audit Requirements
By Russ McRee on November 22, 2010
- Incident Response
- Security Models

OWASP Top 10 Deeper Dive – A8: Failure to Restrict URL Access

OWASP Top 10 Deeper Dive – A5: Cross-Site Request Forgery (CSRF)

OWASP Top 10 Tools and Tactics

Security Incident Response Testing To Meet Audit Requirements