Search Results for: aws

HealthCare.gov: Basic Security Failures and IT Bloopers

Secure Ideas has tested hundreds, if not thousands, of applications over the years we have been in business.  Based on this experience, along with our public classes and presentations around application security, Dave Kennedy of TrustedSec asked me to review the details of security flaws within HealthCare.gov.  As part of this review, Dave provided a …

SamuraiWTF Training with Charlotte ISSA

Charlotte ISSA will be hosting a two-day Samurai-WTF (Web Testing Framework) course led by myself (Jason Gillam of Secure Ideas) January 21st and 22nd.  Students will learn the latest Samurai-WTF open source tools and the latest manual techniques to perform an end-to-end penetration test. After a quick overview of pen testing methodology, the instructors will …

Secure Ideas is Offering a Free Secure Coding Class

You see it in the news all the time. Websites are getting hacked, data is being stolen, and revenue is lost. How are they committing these breaches? How does a website get hacked anyway? Come to a 3-hour technical workshop at Galvanize on December 20th to …

We Can’t Rely on the Browser for Protection

A large part of doing security consulting is providing proper mitigations and recommendations to our clients. Sure, the testing is the exciting part, but it is the recommendations that are going to have the greatest impact on our client’s security. It is our goal to help make the security posture better, not set a record …

Industry Issues: New Vulnerabilities and Marketing Problems

As a consultant, I spend a lot of my time working with organizations and staff to help them improve their security.  I do this via a number of methods including consulting, penetration testing, training, and other services.  But the foundation of what I do is explain the what, why, and how of information security.  And …

Professionally Evil Perspective podcast: Mobile Security Testing – Tips and Tools

I have to say that I really enjoy doing the Professionally Evil Perspective (PEP) podcast with Kevin.  It started as a crazy idea that I had a few months ago, and it is just as fun as I had hoped it would be.  In this episode, we are joined by Nathan Sweaney, a Senior Security …

Who We Are: Thom Dosedel

Who am I: Thom Dosedel, Senior Security Consultant at Secure Ideas. What do I do at Secure Ideas: Like my fellow consultants, I participate in both internal and external penetration tests, performing structured attacks on network, web, wireless, or mobile environments. We also perform architecture reviews and provide defense-based analysis and recommendations. What is my …
