Professionally Evil Insights

Welcome to the Professionally Evil Insights blog by Secure Ideas! In this digital playground, we unravel the complex world of information security with a touch of fun. Our expert-led content ranges from deep-dives into penetration testing to explorations of hardware hacking. Whether you're curious about Secure Ideas or passionate about cybersecurity, this blog is your quick, enlightening, and entertaining guide into the captivating world of information security.

Welcome aboard!

    Featured Image
    Risk-Driven Approach: The Federal Government’s Shift in Cybersecurity Burden
    penetration testing |  Threat-Led Penetration Testing
    From All-Hazards to Risk-Informed The New Risk-Informed Paradigm One of the most significant shifts for our industry in the current administration's cybersecurity approach is the strategic pivot from an all-hazards approach to a risk-informed approach for critical infrastructure protection, as ...
    Continue Reading

    Never miss a Professionally Evil update!

    Sign Up For Our Newsletter
    Understanding Garbage Findings
    Understanding Garbage Findings
    There is a well-meaning desire among penetration testers to produce findings. The fact of the ...
    Continue Reading
    Houston, We Have a Problem
    Houston, We Have a Problem
    Satellite Security Testing: A Holistic Approach Last month, I had the opportunity to present at ...
    Continue Reading
    When Algorithms Aren’t Enough: Why the Human Element Still Matters in Modern Penetration Testing
    When Algorithms Aren’t Enough: Why the Human Element Still Matters in Modern Penetration Testing
    The cybersecurity industry has evolved into two distinct approaches when it comes to penetration ...
    Continue Reading
    Solicited Public Comment on HIPAA Security Rule NPRM To Strengthen the Cybersecurity of ePHI
    Solicited Public Comment on HIPAA Security Rule NPRM To Strengthen the Cybersecurity of ePHI
    The Department of Health and Human Services (HHS) wants to raise the benchmarks of the Security ...
    Continue Reading
    The CISO's Myopia
    The CISO's Myopia
    Fifteen years ago, I wrote an article entitled "The CSO’s Myopia." At the time, I aimed to ...
    Continue Reading
    Mobile Testing Considerations
    Mobile Testing Considerations
    Testing In Mobile Applications In today’s world, the significance of mobile applications in our ...
    Continue Reading
    The reason I stopped using Postman for API Pentests
    The reason I stopped using Postman for API Pentests
    I’ve been a proponent of Postman for a number of years. I’ve written and spoken about using it in ...
    Continue Reading
    CyberScream - Hacking Like a Ghost(face)
    CyberScream - Hacking Like a Ghost(face)
    consulting  |  data breach  |  penetration testing  |  professionally evil  |  hacking  |  analysis  |  cybersecurity  |  pentesting  |  phishing  |  security breach  |  exploits  |  Halloween  |  webcast
    It’s that most hauntingly wonderful time of year again! Halloween is upon us, along with the dread ...
    Continue Reading
    Navigating Evolving Regulations: Staying Ahead of Change
    Navigating Evolving Regulations: Staying Ahead of Change
    In today's rapidly expanding business world, the only constant seems to be change itself. One of ...
    Continue Reading
    Understanding Server-Side Template Injection (SSTI)
    Understanding Server-Side Template Injection (SSTI)
    Web applications play a vital role in delivering dynamic content to users. To achieve this, ...
    Continue Reading
    Introducing BILE - Groundbreaking Classification for Web App
    Introducing BILE - Groundbreaking Classification for Web App
    As a seasoned web application penetration tester, I've always felt that there should be a more ...
    Continue Reading
    Has contents: true Total pages: 2 Current page: 1
    1 2