Visual Learner? Look no further!
Secure Ideas has been in the business for 10 years and over the last ten years we have found that ...
Continue Reading
Waving the White Flag: Why InfoSec should stop caring about HTTPOnly
As a company that is constantly working with our penetration testing clients on understanding where ...
Continue Reading
Proxying HTTPS Traffic with Burp Suite
The Problem For newcomers to application penetration testing, a reasonably common question is How ...
Continue Reading
Einstein Told Us: Why User Awareness is NOT the right focus
“The definition of insanity is doing the same thing over and over again and expecting different ...
Continue Reading
Cooking up Better Security Incident Communications
I am fond of meal kits. I enjoy the entire experience: the scrolling through delicious-looking meal ...
Continue Reading
Asset Discovery
The first step in securing any organization is to understand what you have. Unless you have a ...
Continue Reading
Getting Started API Penetration Testing with Insomnia
In our blog series on Better API Penetration Testing with Postman we discussed using Postman as the ...
Continue Reading
![[Update] Using Components with Known Vulnerabilities](https://www.secureideas.com/hubfs/businessman%20hand%20showing%20partnership%20sign%20as%20%20concept.webp)
[Update] Using Components with Known Vulnerabilities
When an organization has a breach, you would like to imagine that the attacker crafted a new ...
Continue Reading
Kubernetes Security - A Useful Bash One-Liner
Whether you’re an administrator, pentester, devop engineer, programmer, or some other IT person, ...
Continue Reading
How I Became a Security Consultant: AbsoluteAppsec Interview
Every so often, podcasts and such will invite me to speak on a variety of topics. And this week, I ...
Continue Reading
Once upon a time there was a WebSocket
This is the story from one of our recent penetration testing engagements. Still, the story is a ...
Continue Reading