The Fellowship of the Phish: PayPal's Perilous Request Feature
In cybersecurity, we often find ourselves fixated on the latest sophisticated malware or zero-day ...
Continue Reading
Secure Ideas is CREST-Certified. Here’s Why That Matters
Cybersecurity is no longer a monolithic topic – if it ever was. Specialization matters. ...
Continue Reading
Step Into the Shadows: The Haunting of the Dark Web
Ready to venture into the unseen corners of the internet? Join us for a Halloween webcast, "The ...
Continue Reading
Automating UART Command Injection with the Flipper Zero and JavaScript
Overview The Flipper Zero recently came out with a JavaScript system built off of MJS that exposes ...
Continue Reading
What’s new in the OWASP Proactive Controls for 2024
I have taught a number of application security classes to developers. When it comes to ...
Continue Reading
Many Hands Approach To AppSec
"If you want to frustrate a good developer, interfere with their ability to complete work." - ...
Continue Reading
The CISO's Myopia
Fifteen years ago, I wrote an article entitled "The CSO’s Myopia." At the time, I aimed to ...
Continue Reading
Kubernetes Pentesting: The Hacker’s Harvest
Are you ready to dive into the world of Kubernetes pentesting? Join us for our upcoming webcast, ...
Continue Reading
From Code to Cloud: Strengthening IaC Security with SAST
Infrastructure as Code (IaC) is a cornerstone in modern DevOps and DevSecOps practices, but how do ...
Continue Reading
NMAP in Action: API's
In a recent blog post, my coworker Josh introduced the fundamentals of NMAP and highlighted its ...
Continue Reading
Tartar Sauce for your Phishing Program
Phishing awareness exercises have become a common part of the larger security strategy for many ...
Continue Reading