Search Results for: aws

Secure Ideas is Offering a Free Secure Coding Class

SECURE IDEAS IS OFFERING A FREE SECURE CODING CLASS You see it the news all the time.  Websites are getting hacked, data is being stolen, and revenue is lost.  How are they committing these breaches?  How does a website get hacked anyway? Come to a 3 hour technical workshop at Galvanize on December 20th to …

Secure Ideas is Offering a Free Secure Coding Class Read More »

We Can’t Rely on the Browser for Protection

 A large part of doing security consulting is providing proper mitigations and recommendations to our clients.  Sure, the testing is the exciting part, but it is the recommendations that are going to have the greatest impact on our client’s security.  It is our goal to help make the security posture better, not set a record …

We Can’t Rely on the Browser for Protection Read More »

Industry Issues: New Vulnerabilities and Marketing Problems

As a consultant, I spend a lot of my time working with organizations and staff to help them improve their security.  I do this via a number of methods including consulting, penetration testing, training, and other services.  But the foundation of what I do is explain the what, why, and how of information security.  And …

Industry Issues: New Vulnerabilities and Marketing Problems Read More »

Professionally Evil Perspective podcast: Mobile Security Testing – Tips and Tools

I have to say that I really enjoy doing the Professionally Evil Perspective (PEP) podcast with Kevin.  It started as a crazy idea that I had a few months ago, and it is just as fun as I had hoped it would be.  In this episode, we are joined by Nathan Sweaney, a Senior Security …

Professionally Evil Perspective podcast: Mobile Security Testing – Tips and Tools Read More »

Who We Are: Thom Dosedel

Who am I: Thom Dosedel, Senior Security Consultant at Secure Ideas.  What do I do at Secure Ideas: Like my fellow consultants, I participate in both internal and external penetration tests performing structured attacks on network, web, wireless, or mobile environments.  We also perform architecture reviews, provide defense based analysis and recommendations. What is my …

Who We Are: Thom Dosedel Read More »

Professionally Evil Toolkit – Sqlmap

In this series of the Professionally Evil Toolkit we will be talking about sqlmap. Sqlmap is an open source penetration testing tool that is written in python. Sqlmap automates the process of detecting/exploiting SQL injection flaws and taking over of database servers.  As you might know, SQL injection is ranked number one on the OWASP …

Professionally Evil Toolkit – Sqlmap Read More »

GSA Database May Have Leaked Information: Kevin Johnson was Interviewed

Recently it was announced that there was a security flaw found in one of the GSA systems that could have allowed for vendors to see other vendor information.  The original article, which you can read in its entirety, can be found at GSA Database May Have Leaked Contractor Banking and Proprietary Information.  Kevin Johnson, CEO, …

GSA Database May Have Leaked Information: Kevin Johnson was Interviewed Read More »

Happy New Years!

As we finish 2012 and look forward to 2013, Secure Ideas’ staff would like to wish everyone a happy new year.  We also thought it would be fun to do a quick review of the year, with each of our staff including their thoughts.  So here goes…. What a great second year for Secure Ideas! …

Happy New Years! Read More »

Scroll to Top