Update: As of March 2021, I’d recommend using Android Virtual Devices over Chromebooks. Chromebooks still work (in many cases) but the AVDs are much easier to build and use. Jason wrote a great blog on how to set them up and can be found here: https://secureideas.com/blog/2020/09/how-to-configure-android-virtual-for-mobile-pentest.html. If you are still interested in using a Chromebook, …
So you ask who is this OWASP and why do I care? Well, let’s hear it directly from them: “Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations are able to …
We often get contacted by small businesses requesting their first penetration test because of compliance reasons, or because of “industry best practices,” or just to get an idea of how bad things really are. In many of those cases, their environment isn’t nearly mature enough to make a pentest worthwhile. Sometimes they’re insistent and we …
How to Test Your Security Controls for Small/Medium Businesses Read More »
Organizations of all sizes and industries face increasing challenges in safeguarding vast amounts of sensitive data, with Health Care being no different. The loss of Protected Health Information (PHI) incurs not only heavy fines and brand damage, but potentially everlasting damage to affected patients. According to the Ponemon Institute: The average total cost of a …
Secure Ideas is currently working on a revamp and redesign of our website and client portal, to promote a better user experience for our clients. Since a lot of our infrastructure is in AWS, we started to consider Cognito for authentication. On paper it seems to have a lot of what a security consultant could …
Cave of Broken Mirrors: 3 Issues with AWS Cognito Read More »