I have been involved in IT and security in one way or another for almost 30 years. I have worked full time for organizations and consulted in a wide variety of jobs and responsibilities. But one of the common issues I have seen and been part of is having a handle on what all of …
Finding Your Weakness: Triaging Your Domains with SWATRead More »
It is that time of year and we need to be ready for the fraudsters to be out in full effect. The holidays are approaching and it is a time for joy for most. Unfortunately, the Grinches are working just as hard as Santa to effect your holiday cheer. Here are few things to keep …
Secure Ideas is excited to announce the latest class in our Professionally Evil Course series: Ride Along Penetration Testing. This course will be held on October 9th at 2PM eastern. Unlike so many other courses, this is not a typical “here is a tool and how to use it” course. In this 2 hour course, James …
Professionally Evil Courses: Ride Along Penetration TestingRead More »
If you are paying attention to the news, security is a big topic. At least that’s what CNN and the Wall Street Journal think. And I would happen to agree. (I may be a bit biased!) But even with things like Heartbleed and 0-day flaws in IE, we still commonly hear from small businesses that …
At Secure Ideas, we work with a large number of organizations. These range from small mom-and-pop businesses to international corporations and government agencies. In any of these examples, we find that CIOs and management make the same mistakes when it comes to dealing with their security issues. When people talk about security and risk, we …
Is that a Shark? — Common Security Mistakes Organizations MakeRead More »
Wow, I can’t believe how long this release has been in the making. a couple of years ago, we were honored to be allowed to build MobiSec under the DARPA CyberFast Track process. We released the first two version quickly after that. Then at DerbyCon last year, we offered our MobiSec course for the first …
Secure Ideas is excited to announce the latest class in our Professionally Evil Course series: Ride Along Penetration Testing. This course will be held on March 11th at 2PM eastern. Unlike so many other courses, this is not a typical “here is a tool and how to use it” course. In this 2 hour course, …
Professionally Evil Courses: Ride Along Penetration TestingRead More »
Secure Ideas has tested hundreds, if not thousands, of applications over the years we have been in business. Based on this experience, along with our public classes and presentations around application security, Dave Kennedy of TrustedSec asked me to review the details of security flaws within HealthCare.gov. As part of this review, Dave provided a …
HealthCare.gov: Basic Security Failures and IT BloopersRead More »
Secure Ideas is excited to announce that I will be speaking as part of a panel later this month. On January 30th in Denver, Colorado, the Addressing the Real Issues Around Compliance in the Cloud panel will be held at Mile High Station. This panel will run from 4pm to 6pm. Faced with HIPAA, PCI, FISMA …
Secure Ideas is very excited to be offering the first public run of our Secure Coding for Web Developers class. This is a class we have been running for our clients in various forms over the last couple of years and have been asked to run it in Denver on January 14th and 15th 2014. …