Links to My Web Presence
- Personal Blog: focused on geeky toys, cool programs, and such.
- OneStopAppSecurity.com: homepage for my security consulting company. Satisfaction guaranteed security assessments are available.
- OWASP.org's Top Ten Vulnerabilities, 2007 Version: I helped on the content and was Wiki editor for this document. It went live on May 15th, 2007. As of June 27th, 2008, it has 138,000 Google hits. That makes the US Declaration of Independence less than 4 times as popular, as the declaration has 3.8 million hits. The 2004 version was claimed to be the single most-read security document in the world, and I suspect this one will be as well, as there were 100 new hits added in the past week alone.
- Professional Blog when I was working for BEA Systems: focused on security in general and security in BEA Systems' products specifically.
- Resume: This focuses on my employee work. I have a resume more oriented to consultation on OneStopAppSecurity.com.
- Currently looking for full-time employment or a consulting job (see OneStopAppSecurity.com for consulting information).
Publications
- Reprint of blog entry in Sys-Con's SEO/SEM: My blog entry Google Broken + Unresponsive = Unhappy Neil got reprinted as Viewpoint: Is Google Growing Too Fast? in the online SEO/SEM magazine. It was the most read article in the magazine for two weeks.
- CSOOnline Article: Attack Dangers Posed by ‘Innocent’ Files.
- My Author Page @ dev2dev.bea.com: Mostly just a listing of my blog entries but there is also a pointer to one article I've published on dev2dev.bea.com
- WebLogic Developer's Journal Article Discussing WebLogic Server Extensions to JEE Security: Please let me know if this link is broken. Sys-Con (the parent of WebLogic Developer's Journal) seem to reformat their sites and break links to articles (as well as links within articles) on a pretty routine basis.
- Reprint of blog entry in Google Developer's Journal: My blog entry “Google Maps Are A Bit Broken Right Now” got reprinted in Google Developer's Journal.
- “Implementation Issues for the Psyche Multiprocessor Operating System”: Pointer to a peer-reviewed publication I co-authored a very long time ago. It is only thrown in to impress people as you have to pay to get the document :-)
Patents
- US Patent application pending #20,070,266,442, System and Method for Protecting APIs from Untrusted or Less Trusted Applications and US Patent application pending #20,070,265,835, Method and System for Securing Execution of Untrusted Applications: Two extensions to J2EE (a.k.a: JEE) security for allowing trusted and untrusted code within the same virtual environment.
- US Patent application pending #20,050,268,108, “Servlet Authentication Filters”: An extension of J2EE (a.k.a: JEE) that provides an integrated and pluggable model for authentication for Servlets. JSR-196 has extended and standardized the concepts introduced in this patent.
- US Patent application pending #20,060,031,855, “System and Method for Runtime Interface Versioning”, approx. December 2005: A strategy for providing an SPI with evolving versions, in Java, while maximizing .
- US Patent #7,051,069, “System for managing logical process flow in an online environment”, May, 2006: An invention regarding the use of deterministic finite automata as a means of controlling navigation within a web site.
- US Patent #5,787,447, “Memory allocation maintaining ordering across multiple heaps”, July 1998: A memory allocation algorithm that provided extremely fast and near-optimal memory allocation for an incremental linker.
(My familial lineage of inventors.)
Presentations
- “Writing Secure Web Applications”, 2005 JavaOne. Considered a “must see” by JavaOne staff.
- “Writing Secure Web Applications”, BEAWorld 2005
- “WebLogic Server 9.0 Security Features”, BEAWorld 2005
- “So You Want to Write a Security Provider - Now What?”, BEA eWorld 2004
- “Security in a Web Application”, WebLogic Developer's Journal October 2003
- “Configuring and Administering WebLogic Security”, BEA eWorld 2003
- “Using the New WebLogic Security Architecture”, BEA eWorld 2002
- Security presentations to many enterprise customers covering BEA security features, strategies for architecting secure web installations, security reviews of existing architecture and code, etc.
- Numerous internal training presentations
Miscellany
- A Google search for me. Despite the uniqueness of my last name, I have a 2nd cousin once removed also named “Neil Smithline”. Fortunately he is a doctor so excluding pages with "MD" or "DR" on them probably removes a few pages that are relevant to me from the return set but eliminates most false positives.
- : A social networking site to help you stay in contact with colleagues (sort-of MySpace.com for grown-ups).
- My Facebook Profile: Yet another social networking site. It is more “social” than “professional networking”.
- My Del.Icio.Us Bookmarks: A social networking site to help you find bookmarks to things you are interested in. See my discussion in my blog on this.
- My Slashdot Page: Slashdot has been home to the geeks of the net for just about ever. With the coming of Web 2.0, they've now added some personalization capabilities including a journal and social bookmarks similar to Del.icio.us. The difference, of course, is that Slashdot users, on a 1-10 scale, are about a 12 for geekiness as compared to Del.icio.us users who are more mainstream.
- My Spock page: Spock is a new site that crawls the web and tries to bring all of your web references to a single location. It also has an interesting mechanism of allowing users to tag themselves and others. So you can tag yourself with “rockstar” and your boss with “bonehead”.