The Secure Ideas Difference
We believe that security is a team sport, and we are constantly striving to improve our skills and knowledge so that we can better protect our clients. We are also committed to sharing our expertise with the wider community through training and speaking engagements.
Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is a faculty member at IANS and was an instructor and author for the SANS Institute.
Kevin has performed a large number of trainings, briefings, and presentations for both public events and internal training. He is the author of three SANS Institute classes: SEC542: Web Application Penetration Testing and Ethical Hacking, SEC642: Advanced Web Application Penetration Testing, and SEC571: Mobile Device Security. Kevin has also presented at a large number of conventions, meetings and industry events. Some examples of these are: DerbyCon, ShmooCon, DEFCON, Blackhat, ISACA, Infragard, and ISSA.
Kevin is also very involved in the open source community and runs a number of open source projects. These include SamuraiWTF (a web pen-testing environment), Laudanum (a collection of injectable web payloads), Yokoso (an infrastructure fingerprinting project), and a number of others. Kevin is also involved in MobiSec and SH5ARK. Kevin was the founder and lead of the BASE project for Snort before transitioning that to another developer.
In his free time, Kevin enjoys spending time with his family and is an avid Star Wars fan and is a former member of the 501st Legion (a worldwide Star Wars costuming charity organization comprised of and operated by Star Wars fans).
Jason Gillam is Chief Information Officer (CIO) at Secure Ideas and an IANS faculty member. He has over 20 years of industry experience in enterprise software development, system architecture, and application security. Jason has spent most of his career in technical leadership roles ranging from startups to fortune 100 companies and has learned the business acumen necessary to advise everyone from developers to senior executives on security and architecture.
Jason co-built and managed an award-winning application security design and testing program at one of the world's largest financial institutions. He also provided numerous application security training and awareness briefings to large internal technical audiences and led the development of best practices code and documentation for the same. Jason is especially passionate about integration of security best practices with the SDLC.
Jason holds his CISSP and has conducted training and talks at numerous information security conferences including OWASP® AppSecUSA, Charlotte-Metro ISSA Summit, multiple BSides events (CLT, CHS, AVL, OKC), Hackfest (Canada), Carolinacon, and more. He is also the author of several Burp extensions including CO2 and Paramalyzer, and an active contributor to other open-source projects with a current focus on SamuraiWTF.
Denise is a homemaker, a homeschool teacher, and a mom to 2 daughters and lots of bonus kids.
Nathan Sweaney is a Principal Security Consultant with Secure Ideas. He has a wide range of experience in networking, systems administration, and development spanning 2 decades in IT and more than half of that in information security. Nathan has a considerable amount of experience with point-of-sale environments and managing compliance regulations such as PCI. He excels at finding practical, operationally feasible approaches for businesses to mitigate threats and minimize compliance obligations such as HIPAA and PCI.
Nathan regularly conducts security training, both publicly and privately, including secure coding techniques, network and application penetration testing, and more. He has spoken at security events such as DEFCON, BSidesLV, ShowMeCon, and the FBI’s Information Warfare Summit, as well as a wide variety of industry-specific events. He’s one of the core organizers of BSidesOK and has served on the board of directors for ISSA Oklahoma, OWASP® Tulsa, and the Hackers of Oklahoma Enterprises Syndicate.
He has the CISSP and has previously held the GPEN, GWAPT, and GAWN certifications.
Before coming to Secure Ideas, Eric spent close to 20 years working with Microsoft infrastructures for large Fortune 100 companies. Since its release, his core focus has been Active Directory. He was the technical leader and responsible for the engineering and architecture of one of the most complex and largest AD infrastructures used by one of the world’s largest banks. This included ongoing maintenance and major enhancements of not only a highly secure authentication environment, but also of all the supporting tool sets required to monitor its health and integrity. He also holds the CISSP certification.
This experience has given Eric a very strong knowledge of a variety of Microsoft products and best practices.
Mic is a perennial open-source contributor, having guided the Musashi and the Client Script Injection Kit (CSIK) projects, in addition to his contributions on SamuraiWTF and Arrrspace. He also strongly believes in providing quality developer training and has provided accessible public classes at a number of conferences. Mic’s class topics have included secure coding, advanced web proof-of-concept development, and attacking and securing microservice API architecture.
Andrew Kates is the business development manager for Secure Ideas. His experience includes more than a decade of significant project management support for client organizations nationwide, effectively managing client expectations across multiple industries. His management experience coupled with his research background brings a unique perspective to the Secure Ideas team. He is continually working to grow the Professionally Evil brand, and the Secure Ideas name.
Andrew works with clients throughout the project life-cycle including Scout Services, penetration testing, security assessments, and other consulting services offered by Secure Ideas.
Andrew earned a Bachelor of Arts degree in History from The University of North Florida.
Meghan Olsen is the Marketing Lead at Secure Ideas. For over four years, she has worked in marketing with online advertising, even website design, and SEO. Before then, Meghan was the lead weather anchor for a local TV station in Western Montana where she learned to understand different audiences and be able to connect with them.
In her free time, she likes to play co-ed sports with her husband, or you can find them at the beach with their two golden retrievers soaking up the sun... Since they didn't get as much sun in Montana as they do in Florida.
Bill McCauley is a Senior Security Consultant with Secure Ideas. He is a USAF Veteran and has worked with various electronics and IT systems over 20 years. His background covers a wide variety of industries including DoD, Healthcare, Education, Energy, and Security.
Bill has a strong interest in security, system administration, and training. His work experience includes system administration of various DoD and Healthcare systems within both Unix and Windows environments. He taught several Health IT classes for Lake Region State College. He has also spent a few years working with NERC CIP Compliance.
Bill holds a Bachelor of Science in Management/Computer Information Systems from Park University.
Travis Phillips is a Senior Security Consultant with Secure Ideas. Before joining Secure Ideas, he worked in the medical field as a data analyst & web/software developer before moving on to information security doing SOC work. He later moved on to product security testing for embedded systems on several architectures and device types. Travis also enjoys CTF’s & wargames for hacking challenges as a pastime.
Travis has developed a strong skill set towards application security as a result of both working in the development and security fields, reviewing the security of applications in both roles. Travis enjoys teaching at local professional groups and conferences when he can and building tools to make security testing faster and easier.
Jon has over 20 years of industry experience in systems administration, infrastructure architecture, and technical leadership. During that time he has worked for organizations in Financial Services, Healthcare, Big Data Analytics, and the Oil & Gas industry. His mix of technical and business leadership experience gives him an empathetic understanding of the balancing act most IT organizations face.
Cory Sabol is a Senior Security Consultant with a background in web development, game development, and machine learning.
Cory has done substantial research on the topic of container security, focused primarily on Docker and Kubernetes. In addition to using these skills to identify and exploit misconfigurations during penetration testing engagements, Cory has taught workshops on this topic to other security professionals. Cory also has considerable experience with API security. He has developed custom API security testing frameworks and tooling.
He has also led the development efforts on the Arrrspace containerized microservice training target. Currently he is researching game security and developing game security labs and training materials.
Alex Rodriguez is a security consultant with experience in Linux systems administration, Infrastructure as Code development, container platforms, automation development, and various CI/CD platforms. In his roles at Secure Ideas, he is one of the main admins of their production systems and all things automation. He utilizes Amazon Web Services, terraform, packer, vagrant, ansible, and also gets to work with clients on improving their infrastructure through penetration tests. Besides client work and system administration, he loves giving workshops and presenting on his various projects to the community. When he is not working, he is listening to as many podcasts as he can while continually improving in security, blogging, and coding.
Jennifer is a Senior Security Consultant with Secure Ideas with a background in malware analysis, penetration testing, and teaching. She graduated with honors from Florida State College at Jacksonville’s networking program. An avid computer geek for most of her life, she began her journey in cybersecurity as a SOC Analyst where she showed an aptitude for both penetration testing and malware analysis. She was quickly promoted into a role that capitalized on her abilities. She has experience performing penetration tests against web applications, mobile software and platforms, and social engineering.
Jennifer discovered a passion for computers and problem solving at a young age. She bought Steal This Computer Book 2.0, by Wallace Wang, with one of her first paychecks, and became enamored with hacking and cyber security. While pursuing her degree she dedicated time to teaching computing skills to underrepresented minorities. She is the co-leader for the TOOOL chapter in Jacksonville, FL. Jennifer continues to be passionate about teaching and is eager to share her knowledge with anyone who will listen.
In her free time, she likes gaming, playing around with SDR’s, and painting.
Kathy Collins is a Security Consultant at Secure Ideas. She assists with penetration testing, Scout services, and the Open SBK project. Kathy studied Cybersecurity at Fullstack Academy New York, holds a CompTia Security+ certification and is studying for the CISSP exam. Kathy’s background consists of 20 years of non-profit, education and corporate experience in the hospitality industry and she holds an A.A.S. in Culinary Arts from Le Cordon Bleu Chicago. She enjoys writing, 80’s horror movies, the outdoors, hands-on projects, cooking, and is currently in the planning phase of building a home theater.
Aaron Moss is a Senior Security Consultant (read: professional hacker) at Secure Ideas. He has over 15 years of experience in tech, ranging from helpdesk to penetration testing. In the past, he's been an IT Consultant, network/system/virtualization administrator, IT Director, and slacker. He is also one of the core organizers for BSides Oklahoma. In his free time, you can find him in his garage making random furniture out of spare 2x4s, hacking on some online CTFs, watching horror movies (specifically slashers) with his wife and kids (wait till you see his office!), or air drumming to Slayer.
Josh Kemp is a recent addition to the Secure Ideas team. He is a Security Consultant working in Scout Services. His background in the service industry as a DJ and Bar Manager allowed him to gain experience with computers and information systems. This interest sparked a career change that led him to pursue a degree in Computer Information Technology. When he's not working or studying, Josh enjoys repairing and modifying turntables and other small electronics.
R. Jason Belanger
R. Jason Belanger is a Security Consultant at Secure Ideas with an extensive background in Software Engineering focused on web, database, and native mobile development.
Jason has a bachelor's degree in Interactive Media Design from The Art Institute of Fort Lauderdale and studied Cybersecurity at Western Governors University where he earned several industry recognized certifications.
He enjoys long walks on the beach and herding cats.
Jenee Rogers is a Project Manager with Secure Ideas. She coordinates projects and training for the company as well as working closely with clients. She also assists with our social media and content building.
Jenee runs a non-profit Locksport training group, FoxPick, and trains at 16+ conferences per year to raise money for Hak4Kidz. She graduated from UNC Charlotte with a degree in Software Information Systems and a minor in Computer Engineering.
She is a Carolina Panthers fan, is absolutely obsessed with Futurama, and is fluent in American Sign Language.
Brenna Johnson is a Project Manager and Accounting Specialist with Secure Ideas. She started on the team as an Office Assistant and transitioned over to Accounting and Project Management. She hopes to get her degree in Psychology and ultimately graduate with her PhD. Currently she is taking courses to better understand and help clients through Project Management. She currently has a certificate in Project Management through Google but aims to gain more.
When she isn’t learning she also enjoys Tae Kwon Do, Horseback Riding, and art.
Why Secure Ideas?
Secure Ideas has been testing security systems since 2010, and its core testing competency is performed by consultants with at least ten years of IT experience each. Our primary goal in every penetration testing engagement is to help our clients improve their security posture. Here are a few other ways we stand out:
Though we are referred to as hackers, Secure Ideas was founded on a strong foundation of ethical security testing. Well defined rules of engagement, local and federal laws, and our clients' privacy are all critical considerations to us in every engagement.
You will never have to worry about Secure Ideas trying to pass off an automated scan as a penetration test. We make an effort to understand the technology and the current threat landscape to thoroughly test the security of IT systems and advise our clients accordingly.
We place a high value on our relationships with our clients. It is not enough to just do a penetration test and write up a report. At Secure Ideas, we welcome follow-up conversations, feedback, and questions from our clients year-round.