Preparing for a Consultant
As security consultants, we regularly travel to clients’ sites and experience a wide range of ...
Continue Reading
Autocomplete and actual risk: Why do we look at it?
Autocomplete is always a fun topic to discuss…. ok maybe my idea of fun is not the normal idea. 🙂 ...
Continue Reading
Professionally Evil: This is NOT the Wireless Access Point You are Looking For
I was recently conducting a wireless penetration test and was somewhat disappointed (but happy for ...
Continue Reading
Professionally Evil: Your Stealth Startup is Showing
During our penetration tests we often get asked about the amount of information that is leaking out ...
Continue Reading
Brute Forcing the Change Password Feature
As a penetration tester, brute force attacks are something I test for on every application. ...
Continue Reading
GSA Database May Have Leaked Information: Kevin Johnson was Interviewed
Recently it was announced that there was a security flaw found in one of the GSA systems that could ...
Continue Reading
Hiring Philosophy and How to Get Into InfoSec
As one of the founders of Secure Ideas, I am often asked how someone gets into InfoSec and/or how ...
Continue Reading
Who are We: Kevin Johnson
So here at Secure Ideas we have decided to do a small series of posts. The purpose of these posts ...
Continue Reading
Looking for Malicious PHP Files
A while back I had to deal with a compromised web server for some folks. They had some WordPress ...
Continue Reading
Podcast Show Notes: Why are Passwords so Difficult
Kevin and James just finished up recording episode 2 of the Professionally Evil Perspective ...
Continue Reading
The Watering Hole: Is it Safe to Drink?
How many times have you been told you have a vulnerability that you just don’t understand its ...
Continue Reading