Professionally Evil Insights

Welcome to the Professionally Evil Insights blog by Secure Ideas! In this digital playground, we unravel the complex world of information security with a touch of fun. Our expert-led content ranges from deep-dives into penetration testing to explorations of hardware hacking. Whether you're curious about Secure Ideas or passionate about cybersecurity, this blog is your quick, enlightening, and entertaining guide into the captivating world of information security.

Welcome aboard!

    Rolling for Resilience: A Strategic Guide to Cybersecurity Table-top Exercises
    This is the first post in this series addressing my perspective on the current state of Cybersecurity Incident Response training and an approach to improve interest, participation, and expanded learning. Rolling a 1 on Engagement: Rethinking the Security Awareness Check Let’s be real, convincing ...
    Continue Reading

    Never miss a Professionally Evil update!

    Risk-Driven Approach: The Federal Government’s Shift in Cybersecurity Burden
    From All-Hazards to Risk-Informed The New Risk-Informed Paradigm One of the most significant shifts ...
    Continue Reading
    Understanding Garbage Findings
    There is a well-meaning desire among penetration testers to produce findings. The fact of the ...
    Continue Reading
    Houston, We Have a Problem
    Satellite Security Testing: A Holistic Approach Last month, I had the opportunity to present at ...
    Continue Reading
    Cybersecurity Essentials for SMBs: Building a Robust Program
    When discussions arise around companies' cybersecurity programs, the focus often gravitates towards ...
    Continue Reading
    The Essential Eight
    NIST  |  Essential 8  |  ASD
    Australian Signals Directorate’s Top 8 Controls to Mitigate Cyber Security Incidents & How They ...
    Continue Reading
    From Nmap to CSV
    How Experience and Management Skills Improve Data Analysis for Security Professionals The other ...
    Continue Reading
    You Don’t Need PKINIT To Win It
    Privilege Escalation using LDAP Part 1 Pass-the-certificate has become a common method used by ...
    Continue Reading
    Built-In Network Capture with Windows 11
    Did you know that Windows has a built-in network packet capture utility? And that it isn’t even GUI ...
    Continue Reading
    Running and Debugging Non-native ELF Binaries Locally Using QEMU, BINFMT, and GDB
    ELF  |  QEMU  |  BINFMT  |  GDB
    Overview One of the common tasks that occurs when pentesting an embedded device is binary analysis ...
    Continue Reading
    Who Really Owns Your Data?
    data  |  Privacy
    When we traded ownership for convenience, we never imagined that everything from our books to our ...
    Continue Reading
    When Algorithms Aren’t Enough: Why the Human Element Still Matters in Modern Penetration Testing
    The cybersecurity industry has evolved into two distinct approaches when it comes to penetration ...
    Continue Reading
    Has contents: true Total pages: 30 Current page: 1