Professionally Evil Insights

Welcome to the Professionally Evil Insights blog by Secure Ideas! In this digital playground, we unravel the complex world of information security with a touch of fun. Our expert-led content ranges from deep-dives into penetration testing to explorations of hardware hacking. Whether you're curious about Secure Ideas or passionate about cybersecurity, this blog is your quick, enlightening, and entertaining guide into the captivating world of information security.

Welcome aboard!

    Featured Image
    Paths to Power in Active Directory Part 1: How AD CS Misconfigurations Become the Keys to the Kingdom
    penetration testing |  best practices |  Active Directory |  risk assessment
    An Introduction to Active Directory Certificate Services (AD CS) I am still pretty new to consulting and penetration testing full-time. I came into consulting with knowing the basics from years previous. Whether it was working my way through various assignments in graduate school, listening to ...
    Continue Reading

    Never miss a Professionally Evil update!

    Sign Up For Our Newsletter
    Annual Pentests Aren't Cutting It Anymore: Why Continuous Testing Beats Scrambling at Renewal Time
    Annual Pentests Aren't Cutting It Anymore: Why Continuous Testing Beats Scrambling at Renewal Time
    Let's be honest about something: if you're still relying on that once-a-year penetration test to ...
    Continue Reading
    Quantum Leaping Through Data: Preparing for the Quantum Encryption Transition
    Quantum Leaping Through Data: Preparing for the Quantum Encryption Transition
    best practices  |  compliance  |  risk assessment  |  NIST  |  CISA
    Quantum computing and its implications for cryptography isn't a new discussion. Security ...
    Continue Reading
    Your Risk Framework Is Broken: The Al Reality Check Every CISO Needs
    Your Risk Framework Is Broken: The Al Reality Check Every CISO Needs
    Every risk management framework in cybersecurity relies on the same fundamental equation: Risk = ...
    Continue Reading
    Best Practices and Risks Considerations in Automation like LCNC and RPA
    Best Practices and Risks Considerations in Automation like LCNC and RPA
    best practices  |  LCNC  |  RPA
    The Rise of Low-Code/No-Code and RPA in Digital Transformation Technologies such as ...
    Continue Reading
    Everything You Need To Know About The Nist Cybersecurity Framework 2.0
    Everything You Need To Know About The Nist Cybersecurity Framework 2.0
    best practices  |  cybersecurity  |  government  |  CSF  |  cybersecurity standards  |  framework  |  NIST  |  profiles  |  tiers
    This week NIST released the highly anticipated update to the Cybersecurity Framework (CSF). Here’s ...
    Continue Reading
    Quick Bites Ep 6 - Good Hygiene is IMPORTANT, PEOPLE!
    Quick Bites Ep 6 - Good Hygiene is IMPORTANT, PEOPLE!
    Guidance  |  best practices  |  Quick Bites  |  Cyber  |  Hygiene  |  CIS Top 18  |  Blue Team
    So, I just missed a week of work because of the flu (it wasn’t COVID, I got tested). The flu SUCKS. ...
    Continue Reading
    Application Security 202: Vulnerabilities Accepted
    Application Security 202: Vulnerabilities Accepted
    vul·ner·a·bil·i·ty The quality or state of being exposed to the possibility of being attacked or ...
    Continue Reading
    Waving the White Flag: Why InfoSec should stop caring about HTTPOnly
    Waving the White Flag: Why InfoSec should stop caring about HTTPOnly
    As a company that is constantly working with our penetration testing clients on understanding where ...
    Continue Reading
    Has contents: true Total pages: 1 Current page: 1