Syndicated Blog

Professionally Evil Insights
by Secure Ideas, LLC

“That looks ODD” Securing your workspace

When you look at “security” and the big picture, it always seems to come down to the decisions made by the Chief Security Officer (CSO) and Chief Information Officer (CIO). Besides what ...

Better API Penetration Testing with Postman – Part 3

In Part 1 of this series, we got started with Postman and generally creating collections and requests. In Part 2, we set Postman to proxy through Burp Suite, so that we could ...

We take security seriously and other trite statements

Earlier this week, Secure Ideas sent an initial notification regarding an incident targeting us that took place at a vendor. The initial notification email is available at: https://training.secureideas.com/newsletter/aom-incident-notification/. We promised at that time ...
Introduction to Burp Suite

Better API Penetration Testing with Postman – Part 2

In Part 1 of this series, I walked through an introduction to Postman, a popular tool for API developers that makes it easier to test API calls. We created a collection, and ...

Security Misconfigurations

The configuration of web and application servers is a very important aspect of web applications. Oftentimes, failure to manage proper configurations can lead to a wide variety of security vulnerabilities within ...

Better API Penetration Testing with Postman – Part 1

This is the first of a multi-part series on testing with Postman. I originally planned for it to be one post, but it ended up being so much content that it would ...

Android App Testing on Chromebooks

Part of testing Android mobile applications is proxying traffic, just like other web applications. However, since Android Nougat (back in 2016), user or admin-added CAs are no longer trusted for secure connections ...

OWASP’s Most Wanted

So you ask who is this OWASP and why do I care? Well, let’s hear it directly from them: “Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization ...
ShowMeCon 2018 Track 3 00 Whos Watching the Watchers Nathan Sweaney

How to Test Your Security Controls for Small/Medium Businesses

We often get contacted by small businesses requesting their first penetration test because of compliance reasons, or because of “industry best practices,” or just to get an idea of how bad things ...

HIMSS 2019 – Champions of Security Unite

Organizations of all sizes and industries face increasing challenges in safeguarding vast amounts of sensitive data, with Health Care being no different. The loss of Protected Health Information (PHI) incurs not only ...