Stijn has an extensive background in development, security and product management.

He is naturally curious and always enjoys a good discussion.

All Post by Stijn

Lightweight IT Security Policy for small and medium companies

Small and medium companies often have trouble to formulate what they expect from their employees with regards to security. On the one hand, they often realise it’s important as information security is often in the news nowadays. On the other hand, hiring expensive consultants is often overkill for these companies, as are the rigid security rules these consultants often like to introduce. Being small and nimble is one of the main advantages of SME’s, so what’s needed is a pragmatic approach.

Stijn Nov 1, 2016

Questions to consider when writing policies, processes or other documents

The ability to write things down is something very human, it’s one of the things that separates us from animals. Writing forces you to structure your thinking and approach a subject from different angles. It is also one of the ways in which humans can scale: when you document an approach, you allow others to follow your approach and apply it for themselves.

Stijn Oct 25, 2016

Getting started in pentesting (with DVWA)

Damn Vulnerable Web Application (DVWA) is a great tool to get started with web application pentesting. It lets you experiment with the basics and it doesn’t require you to install additional tools. In this post, we’ll explain how to install and configure it.

Stijn Sep 12, 2015

The testament of a furniture dealer

On December 20th 1976, Ingvar Kamprad (the legendary owner of IKEA) wrote a ‘testament’ outlining his views on business and life. I’m baffled to discover how much insight he already gave away in 1976. The 16-page document contains at least as much wisdom as the last 5 business books I read. I found analogies with the lean startup method, toyota production, writings of Paul Graham and general life advice. What a wonderful document, no wonder Ingvar was so successful!

Stijn Aug 7, 2015

Integrating security and DevOps

Lately, I’ve been fascinated by the DevOps movement. This relatively new movement has a number of concepts at its core that us security folks could (ab)use. ‘Automated testing’, ‘infrastructure-as-code’ and ‘continuous integration or delivery’ help teams rapidly introduce new functionality by quickly detecting bugs and providing a clearly defined, automated and scalable infrastructure environment.

Stijn Aug 5, 2015

Lesson from a side project

Ten months ago, I agreed to build software for a driving school as a side project. Today the project is 90% done, so only the other 90% remains. Below is one of the most important things I’ve learned.

Stijn Sep 22, 2014

Opportunities to use monoids

Recently, I was watching this talk by Avi Bryant where he talks about using algebra in programming. The talk is geared towards distributed systems, but I think the concepts are applicable in general. Certainly when I realised that my earlier trouble also concerned monoids.. So, what’s to gain from understanding this algebra? At least improved code reusability and parallelism. And an opportunity to satisfy your curiosity!

Stijn Feb 17, 2014

(Slow but certain) Advancing insight in Haskell

TL;DR I tried to implement something in Haskell but had some trouble. I then went to hang out at the Haskell irc channel and they directed me towards a better implementation, making me a little bit smarter.

Stijn Oct 29, 2013

Learning Haskell

I’m trying to learn Haskell. This post details some of the steps I’m going through.

Stijn Oct 10, 2013