SECURE IDEAS IS OFFERING A FREE SECURE CODING CLASS You see it the news all the time. Websites are getting hacked, data is being stolen, and revenue is lost. How are they committing these breaches? How does a website get hacked anyway? Come to a 3 hour technical workshop at Galvanize on December 20th to …
Secure Ideas is Offering a Free Secure Coding Class Read More »
In this series of posts we’re introducing staff members at Secure Ideas to give you a quick glimpse into our lives. The goal of these posts is for you to learn more about us. So reach out to us via email or twitter. We’d love to get to know you. Who am I: Jason Gillam, …
A large part of doing security consulting is providing proper mitigations and recommendations to our clients. Sure, the testing is the exciting part, but it is the recommendations that are going to have the greatest impact on our client’s security. It is our goal to help make the security posture better, not set a record …
As a consultant, I spend a lot of my time working with organizations and staff to help them improve their security. I do this via a number of methods including consulting, penetration testing, training, and other services. But the foundation of what I do is explain the what, why, and how of information security. And …
Industry Issues: New Vulnerabilities and Marketing Problems Read More »
I have to say that I really enjoy doing the Professionally Evil Perspective (PEP) podcast with Kevin. It started as a crazy idea that I had a few months ago, and it is just as fun as I had hoped it would be. In this episode, we are joined by Nathan Sweaney, a Senior Security …
Professionally Evil Perspective podcast: Mobile Security Testing – Tips and Tools Read More »
Who am I: Thom Dosedel, Senior Security Consultant at Secure Ideas. What do I do at Secure Ideas: Like my fellow consultants, I participate in both internal and external penetration tests performing structured attacks on network, web, wireless, or mobile environments. We also perform architecture reviews, provide defense based analysis and recommendations. What is my …
In this series of the Professionally Evil Toolkit we will be talking about sqlmap. Sqlmap is an open source penetration testing tool that is written in python. Sqlmap automates the process of detecting/exploiting SQL injection flaws and taking over of database servers. As you might know, SQL injection is ranked number one on the OWASP …
Secure Ideas spends a lot of time working with organizations both large and small. And during this work, we deal with and help people trying to figure out what the threats and risks are in the wild today. For larger companies, this exercise is something they deal with often, but smaller organizations may not …
Red Dawn: Protecting small organizations from attacks Read More »
Recently it was announced that there was a security flaw found in one of the GSA systems that could have allowed for vendors to see other vendor information. The original article, which you can read in its entirety, can be found at GSA Database May Have Leaked Contractor Banking and Proprietary Information. Kevin Johnson, CEO, …
GSA Database May Have Leaked Information: Kevin Johnson was Interviewed Read More »
As we finish 2012 and look forward to 2013, Secure Ideas’ staff would like to wish everyone a happy new year. We also thought it would be fun to do a quick review of the year, with each of our staff including their thoughts. So here goes…. What a great second year for Secure Ideas! …