Professionally Evil Insights

Welcome to the Professionally Evil Insights blog by Secure Ideas! In this digital playground, we unravel the complex world of information security with a touch of fun. Our expert-led content ranges from deep-dives into penetration testing to explorations of hardware hacking. Whether you're curious about Secure Ideas or passionate about cybersecurity, this blog is your quick, enlightening, and entertaining guide into the captivating world of information security.

Welcome aboard!

    Featured Image
    Supply Chain Security: Trust Is the New Attack Surface
    information security |  penetration testing |  cybersecurity |  appsec |  Secure Development
    In February 2026, while participating in a panel at IT Expo, one statement kept resonating throughout the discussion: most breaches today don’t start at the perimeter, they do start with abused trust. For years, we invested heavily in defending the edge using mechanisms like firewalls, ...
    Continue Reading

    Never miss a Professionally Evil update!

    Sign Up For Our Newsletter
    The CISO's Myopia
    The CISO's Myopia
    Fifteen years ago, I wrote an article entitled "The CSO’s Myopia." At the time, I aimed to ...
    Continue Reading
    Prompt Injection
    Prompt Injection
    What is Prompt Injection?
    Continue Reading
    Using PETaaS to Lower Your Cyber Insurance Costs
    Using PETaaS to Lower Your Cyber Insurance Costs
    information security  |  cybersecurity  |  pentesting  |  cost  |  PETaaS  |  Cyber Insurance  |  Insurance
    Modern networks have more than their fair share of risks, with the most damaging often being data ...
    Continue Reading
    Navigating Evolving Regulations: Staying Ahead of Change
    Navigating Evolving Regulations: Staying Ahead of Change
    In today's rapidly expanding business world, the only constant seems to be change itself. One of ...
    Continue Reading
    What happened to CVE-2022-23529? And what can we learn from it?
    What happened to CVE-2022-23529? And what can we learn from it?
    If you saw the disclosure notice for the flaw CVE-2022-23529, it would have been presented as a ...
    Continue Reading
    What are the key requirements of the GLBA Safeguards Rule?
    What are the key requirements of the GLBA Safeguards Rule?
    The Gramm-Leach-Bliley Act (GLBA) contains the Safeguards Rule. This requires financial businesses ...
    Continue Reading
    Application Security 202: Vulnerabilities Accepted
    Application Security 202: Vulnerabilities Accepted
    vul·ner·a·bil·i·ty The quality or state of being exposed to the possibility of being attacked or ...
    Continue Reading
    Secure Copy with SSH
    Secure Copy with SSH
    Training  |  encryption  |  information security  |  penetration testing  |  professionally evil  |  Secure Ideas  |  home lab  |  secure copy  |  windows scp  |  ssh  |  scp  |  linux scp  |  secure shell  |  secure file transfer  |  protocol
    Continue Reading
    Digging Between the Couch Cushions - CouchDB CVE-2021-38295 Breakdown
    Digging Between the Couch Cushions - CouchDB CVE-2021-38295 Breakdown
    Introduction In this blog post we’re going to take a look at the recent CouchDB vulnerability, ...
    Continue Reading
    Has contents: true Total pages: 1 Current page: 1