.svg "2024_Full_Logo_Full_Color_SVG (1)"){kind=logo}
What do you mean my password is not secure?
Almost all of the applications we use have one big thing in common: they all use a username and ...
Continue Reading
Webcast: Vulnerabilities in Your Medical Practice: Security Testing for Healthcare
Later this month I will be presenting a free webcast: “Vulnerabilities in Your Medical Practice: ...
Continue Reading
Its more than Healthcare.gov: Lets fix the problem
There has been a lot of buzz around the Healthcare.gov website and the possible security ...
Continue Reading
Password Sharing Across Accounts
Over the past few years we have seen a large number of databases get compromised leading to the ...
Continue Reading
DerbyCon 2013 Wrap Up
Another year and another awesome conference put on by Dave Kennedy and his team. DerbyCon never ...
Continue Reading
Details, Details, Details...How Much is Enough?
So you think being a penetration tester is the coolest thing around right? Me too.. but there is ...
Continue Reading
Professionally Evil: Self Inflicted Injury at Vendor's Request
It’s an unfortunate and still too common a vulnerability to find administrative interfaces exposed ...
Continue Reading
SIAM: Custom Testing Machines
Secure Ideas recently made the decision to create custom machines that we could use for penetration ...
Continue Reading
We Can't Rely on the Browser for Protection
A large part of doing security consulting is providing proper mitigations and recommendations to ...
Continue Reading
When the flood is going to come...
Most everyone in the U.S. is aware that it's not uncommon for the Mississippi River to flood in the ...
Continue Reading
Burp Extension for F5 Cookie Detection
This past February, my fellow colleague James Jardine wrote an excellent blog post called “Decoding ...
Continue Reading