Why we ditched LastPass
LastPass is a very popular password management service with both personal and business solutions. ...
Continue Reading
Is the CISSP Mentorship for me?
“Knowledge is power.” That quote has been said more times than you can count because it’s true. The ...
Continue Reading
What happened to CVE-2022-23529? And what can we learn from it?
If you saw the disclosure notice for the flaw CVE-2022-23529, it would have been presented as a ...
Continue Reading
Risks of AI Generated Content, According to an AI Content Generator
AI and Machine Learning (ML) have become increasingly popular tools in various industries, ranging ...
Continue Reading
Quick Bites 7 - Dr. TamperMonkey (Or: How I Learned to Stop Worrying and Love JavaScript)
We get really excited here at Secure Ideas about sharing knowledge with others. Our mission ...
Continue Reading
Steam Deck Privacy and Security
Like any portable computing device, there are going to be questions about privacy and security. The ...
Continue Reading
ZAPmas Feedback
Testing |
open source |
web penetration testing |
OWASP |
mobile application |
web application security |
API
Sometimes Christmas comes early, and in this case for me it was the publication of the Twelve Days ...
Continue Reading
12 Days of ZAPmas - Day 12 Testing a new Content-Security-Policy
What is the CSP? The Content-Security-Policy (CSP) is a widely recommended control and is ...
Continue Reading
Twelve Days of ZAPmas - Day 11 - ZAP impressions from a Burp user
It probably seems a bit odd to do this on Day 11 and not at the end of the series, but I have one ...
Continue Reading
Twelve Days of ZAPmas - Day 10 - Manual Web App Testing Unproxied
Most of the time, proxying the browser doesn’t present any sort of trouble. You should be able to ...
Continue Reading
Twelve Days of ZAPmas - Day 9 - Automated Scanning and ATTACK mode
Automated scanning against an application is useful. It’s a faster and less labor-intensive way to ...
Continue Reading