Run as Admin: Executive Order on Cybersecurity
On May 12, 2021, President Biden issued an executive order on cybersecurity. This new order combines many trends we’re already seeing in the Fortune...
AppSec Cheat Code: Shift Left, Shift Right, Up, Down & Start
Seamless and unobtrusive security is the future. We are huge advocates of shifting left and moving security testing earlier in the development...
3 Reasons to Pentest with Brave
Penetration testing is a race against the clock. Often, we only have a few days to examine all the functionality of a web application or an API. That...
The OPSEC of Protesting
For the past three months thousands of people have been protesting in the United States due to the deaths of George Floyd, Breonna Taylor, Tony...
[Update] Using Components with Known Vulnerabilities
When an organization has a breach, you would like to imagine that the attacker crafted a new exploit, leveraging a zero-day vulnerability that no one...
Fiddling with Windows: Proxy tools for Win10
If you have been following along with us, you know how to set up a Windows 10 Virtual Machine (VM) for web app pentesting. But now we have run into...
In Case of Fire: Break Windows
When a client calls us to pentest a web application that is only available in Internet Explorer. I cringe. I don’t know if it’s flashbacks from the...
IAM Access Analyzer Review
TL;DR – This is a free tool that helps solve one of the biggest security problems when working in AWS. Turn it on. Turn it on now! Instructions are...
IAM Root: AWS IAM Simulator Tutorial
If you needed yet another reason to be paranoid about your personal information being exposed, the recent Capital One breach should be sufficient...
Taming the Jungle: Hardening your AWS infrastructure
After nine tutorials, sixteen posts on stack overflow, and several hours or workweeks of effort you’ve finally done it. You’ve finally got something...
Welcome to the New Secureideas.com
We are excited to announce the launch of the new Secure Ideas website. It is located at the same url: https://www.secureideas.com. We hope you like...
Cave of Broken Mirrors: 3 Issues with AWS Cognito
Secure Ideas is currently working on a revamp and redesign of our website and client portal, to promote a better user experience for our clients....