March 2013 | Secure Ideas

Who are We: James Jardine

Posted on March 28, 2013 by secureideas • 0 Comments

To continue on with the series of “who we are” here at secure ideas, here is the second profile post.

Please feel free to reach out to each of us with any comments or questions you may have!

Who am I:

James Jardine, Principal Security Consultant at Secure Ideas.

What do I do at Secure Ideas:

I get to do a little bit, scratch that, a lot of everything at Secure Ideas. Most of my time is spent performing consulting work for our many clients. In addition, I spend a lot of time helping define and improve internal processes for Secure Ideas. I enjoy creating blog posts, videos, and most recently, the Professionally Evil Perspective podcast.

What is my security background in a nutshell:

I come from a development background, which I think helps in my security consulting experience. I first got my taste of security back in 2001 when a client I was contracting for needed someone to look into a possible network breach. From that point, I started focusing more on application security in my development roles. I really enjoy the challenge of security and am always looking to learn more. About two years ago I became an instructor for SANS teaching their Dev544: Secure Coding in .Net course.

What is my favorite attack:

While I enjoy a wide range of the attacks I get to perform, my favorite is the phishing attacks, or social engineering. I really enjoy the challenge of trying to craft an exploit that I am going to then use to target another user to see if I can gain the advantage. Every user is different and the back story and technique used can very a lot. These types of attacks allow for the most freedom and can be really fun.ssh

What am I learning about now:

I am really trying to dig into MVC development. It is a very popular programming paradigm and I am trying to do much more with it. I am also learning a lot about SEO which is quite interesting.

Reaching me:

There are a ton of ways to reach me directly:

email: james@secureideas.com
web: https://www.secureideas.com/?src=james
twitter: http://www.twitter.com/jardinesoftware
linkedIn: http://www.linkedin.com/in/jjardine/

GSA Database May Have Leaked Information: Kevin Johnson was Interviewed

Posted on March 26, 2013 by secureideas • 0 Comments

Recently it was announced that there was a security flaw found in one of the GSA systems that could have allowed for vendors to see other vendor information. The original article, which you can read in its entirety, can be found at GSA Database May Have Leaked Contractor Banking and Proprietary Information. Kevin Johnson, CEO,… Continue Reading

Mobile Security: Upcoming Events

Posted on March 26, 2013 by secureideas • 0 Comments

Mobile security is a very hot topic and there are some pretty cool events just around the corner. If you are looking for great information, check these events out. No, This is not an April Fools Joke, James Jardine and Kevin Johnson will be doing a webcast on April 1st “Ask the Expert Webcast: Mobile… Continue Reading

Hiring Philosophy and How to Get Into InfoSec

Posted on March 20, 2013 by • 1 Comment

As one of the founders of Secure Ideas, I am often asked how someone gets into InfoSec and/or how do they get hired at Secure Ideas. So I thought it would make sense to discuss this here on the blog… So the first thing to understand is that I think that it is critical to… Continue Reading

Tactical Security Ops at Black Hat 2013

Posted on March 19, 2013 by jason_wood • 0 Comments

Kevin Johnson and John Strand recently gave a presentation at RSA 2013 titled “Tactical Sec Ops: A Guide to Precision Security Operations.” Not surprisingly, this has been something that we’ve been talking quite a bit about internally. So much so that Secure Ideas will be teaching Tactical Security Ops at Black Hat USA. We initially… Continue Reading

Who are We: Kevin Johnson

Posted on March 18, 2013 by • 0 Comments

So here at Secure Ideas we have decided to do a small series of posts. The purpose of these posts is to provide a quick introduction to each of the consultants on staff. Its kind of a fun and quick post. Please feel free to reach out to each of us with any comments or… Continue Reading

Looking for Malicious PHP Files

Posted on March 13, 2013 by jason_wood • 0 Comments

A while back I had to deal with a compromised web server for some folks. They had some WordPress sites with a vulnerable plugin and found that attackers were putting up malicious web pages for other victims to view. The owners of the sites were understandably upset. The malicious files names didn’t follow much of… Continue Reading

Admin Consoles, Default Creds, and Sweet Pwnage

Posted on March 7, 2013 by secureideas • 0 Comments

When performing internal network penetration tests, one thing that really gets us excited is finding administrative consoles. Tomcat and PHPMyAdmin are two of the most common that I’ve found from my experience. The reason we get excited is that many of these consoles have never had the default credentials changed. Why? Because they’re on the… Continue Reading

Podcast Show Notes: Why are Passwords so Difficult

Posted on March 7, 2013 by secureideas • 0 Comments

Kevin and James just finished up recording episode 2 of the Professionally Evil Perspective podcast. In this episode there is a brief discussion from Kevin on his experience at RSA and then we start talking about the topic of passwords. Although we are now into 2013, passwords still are a very hot topic. This is… Continue Reading

Ninja Developers Webcast Trilogy Overview

Posted on March 5, 2013 by secureideas • 0 Comments

Over the past three months, James Jardine and Kevin Johnson were featured in a webcast trilogy titled “Ninja Developers.” The series was presented through the SANS Institute and an archive of each episode can be found on the SANS website (links provided below). The purpose of the presentations is to reach out to developers and… Continue Reading

M	T	W	T	F	S	S
« Feb				Apr »
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

Monthly Archives: March 2013