Professionally Evil Insights

Welcome to the Professionally Evil Insights blog by Secure Ideas! In this digital playground, we unravel the complex world of information security with a touch of fun. Our expert-led content ranges from deep-dives into penetration testing to explorations of hardware hacking. Whether you're curious about Secure Ideas or passionate about cybersecurity, this blog is your quick, enlightening, and entertaining guide into the captivating world of information security.

Welcome aboard!

    Featured Image
    Understanding Garbage Findings
    penetration testing |  Reporting |  Findings
    There is a well-meaning desire among penetration testers to produce findings. The fact of the matter is that we want to deliver value, and a report with few findings can feel like a failure to do so. This can lead to the inclusion of what I term Garbage findings. The problem with Garbage findings ...
    Continue Reading

    Never miss a Professionally Evil update!

    Sign Up For Our Newsletter
    What’s new in the OWASP Proactive Controls for 2024
    What’s new in the OWASP Proactive Controls for 2024
    I have taught a number of application security classes to developers. When it comes to ...
    Continue Reading
    Many Hands Approach To AppSec
    Many Hands Approach To AppSec
    "If you want to frustrate a good developer, interfere with their ability to complete work." - ...
    Continue Reading
    Tartar Sauce for your Phishing Program
    Tartar Sauce for your Phishing Program
    Phishing awareness exercises have become a common part of the larger security strategy for many ...
    Continue Reading
    Top 5 Security Considerations for a New Web App: 5. Establishing a Dependency Patching Plan
    Top 5 Security Considerations for a New Web App: 5. Establishing a Dependency Patching Plan
    Welcome to our comprehensive series on the Top 5 Security Considerations for a New Web App. This ...
    Continue Reading
    Top 5 Security Considerations for a New Web App: 4. Logging & Monitoring
    Top 5 Security Considerations for a New Web App: 4. Logging & Monitoring
    Welcome to our comprehensive series on the Top 5 Security Considerations for a New Web App. This ...
    Continue Reading
    Top 5 Security Considerations for a New Web App: 3. Data Encryption & Protection
    Top 5 Security Considerations for a New Web App: 3. Data Encryption & Protection
    Welcome to my comprehensive series on the Top 5 Security Considerations for a New Web App. This ...
    Continue Reading
    Top 5 Security Considerations for a New Web App: 2. Authentication & Authorization
    Top 5 Security Considerations for a New Web App: 2. Authentication & Authorization
    Welcome to my comprehensive series on the Top 5 Security Considerations for a New Web App. This ...
    Continue Reading
    Top 5 Security Considerations for a New Web App: 1. Secure Coding
    Top 5 Security Considerations for a New Web App: 1. Secure Coding
    Welcome to my comprehensive series on the Top 5 Security Considerations for a New Web App. For this ...
    Continue Reading
    Top 5 Security Considerations for a New Web App
    Top 5 Security Considerations for a New Web App
    There was a time when many folks responsible for building and deploying web applications were naive ...
    Continue Reading
    Being Safe and Secure with Cross-Origin Messaging
    Being Safe and Secure with Cross-Origin Messaging
    security  |  JavaScript  |  application  |  web  |  cross-origin
    Complex web and mobile apps often depend on cross-domain interactions between different online ...
    Continue Reading
    The reason I stopped using Postman for API Pentests
    The reason I stopped using Postman for API Pentests
    I’ve been a proponent of Postman for a number of years. I’ve written and spoken about using it in ...
    Continue Reading
    Has contents: true Total pages: 4 Current page: 1
    1 2 3 4