Escaping the Whale: Things You Probably Shouldn’t Do With Docker (part 2)
This post is part 2 of a series of blog posts on container hacking. If you haven’t read the part1, ...
Continue Reading
Finding Your Weakness: Triaging Your Domains with SWAT
I have been involved in IT and security in one way or another for almost 30 years. I have worked ...
Continue Reading
Defending the Wall: Strong Passwords
Strong passwords are an important part of maintaining accounts and of any organization’s security ...
Continue Reading
Tips for Penetration Testing a PCI environment
Hello everyone! I put together a list of things to help me keep my PCI testing on track, not to ...
Continue Reading
Three C-Words of Web App Security: Part 1 - CORS
For those less versed in web applications and how they’ve evolved, I wrote a sort of prologue to ...
Continue Reading
Watching yOUr Permissions
Often, one of the main goals of a pen tester is to get Domain Admin (DA) rights in a client’s ...
Continue Reading
Going the distance with Burp
Welcome to the 5th blog on Burp Suite, and Happy 4th of July! Please visit Secure Ideas’ previous ...
Continue Reading
Ethics of Ethical Hacking
Ethical hacking uses the principles and techniques of hackers to help businesses protect their ...
Continue Reading
Checking Under the Bed
I’ve got four kids and part of their chores involve cleaning up their bedrooms. Inevitably, their ...
Continue Reading
Why are software updates important?
We have all seen the alert that “updates are available,” or “software update needed.” How often ...
Continue Reading
The “Human Sensor” Continuum
How people can counteract suspicious activity and crime in the workplace As a security professional ...
Continue Reading