Your Passwords Were Stolen: What's Your Plan?
If you have been glancing at many news stories this year, you have certainly seen the large number ...
Continue Reading
SSL Certificates: Setting Up and Authorizing the Internal Certificate Authority
In this post, I wanted to give something directly to the Blue Teams out there. I also thought I ...
Continue Reading
Using a Throwing Star to Capture Packets
Mobile applications are a hot commodity these days. It seems like everyone and their brother/sister ...
Continue Reading
Preparing for a Consultant
As security consultants, we regularly travel to clients’ sites and experience a wide range of ...
Continue Reading
Autocomplete and actual risk: Why do we look at it?
Autocomplete is always a fun topic to discuss…. ok maybe my idea of fun is not the normal idea. 🙂 ...
Continue Reading
Professionally Evil: This is NOT the Wireless Access Point You are Looking For
I was recently conducting a wireless penetration test and was somewhat disappointed (but happy for ...
Continue Reading
Professionally Evil: Your Stealth Startup is Showing
During our penetration tests we often get asked about the amount of information that is leaking out ...
Continue Reading
Brute Forcing the Change Password Feature
As a penetration tester, brute force attacks are something I test for on every application. ...
Continue Reading
GSA Database May Have Leaked Information: Kevin Johnson was Interviewed
Recently it was announced that there was a security flaw found in one of the GSA systems that could ...
Continue Reading
Hiring Philosophy and How to Get Into InfoSec
As one of the founders of Secure Ideas, I am often asked how someone gets into InfoSec and/or how ...
Continue Reading
Who are We: Kevin Johnson
So here at Secure Ideas we have decided to do a small series of posts. The purpose of these posts ...
Continue Reading