Hello everyone! I put together a list of things to help me keep my PCI testing on track, not to mention just as a guideline to start discussions among others doing similar testing. This blog post is not an answer to everything PCI, but I think it’s a pretty good place to start. I pulled …
The PCI Security Standards Council released a Penetration Testing Guidance information supplement in March 2015. This document, while geared towards the Payment Card Industry, provides a lot of valuable advice to the providers of penetration tests and their clients, regardless of industry. At 40 pages in length the document might seem a bit heavy, so …
Secure Ideas’ prides itself on providing the highest level of service to our customers. We are tirelessly searching for new tools, and methods to use in strengthening security for our clients. With that in mind, it is with great pleasure that we announce the unveiling of PCIScout. After undergoing a thorough vetting, and testing process, …
If you are paying attention to the news, security is a big topic. At least that’s what CNN and the Wall Street Journal think. And I would happen to agree. (I may be a bit biased!) But even with things like Heartbleed and 0-day flaws in IE, we still commonly hear from small businesses that …
Last week Windows XP finally reached its end of life. The operating system was released back in 2002 and was (and still is) a favorite among many users. So what does it mean that it is now reached the end? Well.. If you are still using it, it will still work. You don’t have …
I’m excited to announce that I will be returning to my hometown of Kingston, Ontario to teach a two-day, hands-on Secure Coding course at Kingston MakerSpace, May 5-6, 2014. This course is geared towards software developers who want to learn the details of common web application attacks and what coding strategies to use to properly …
Secure Coding for Developers at Kingston MakerSpace, May 5-6 Read More »
“What do you think about privacy?” That’s the question I asked my wife last week. We had just received an email from Target explaining that our personal data was stolen along with 70 million other customers in their latest breach. The week before we had received notification from our bank that both of our cards …
Secure Ideas is excited to announce that I will be speaking as part of a panel later this month. On January 30th in Denver, Colorado, the Addressing the Real Issues Around Compliance in the Cloud panel will be held at Mile High Station. This panel will run from 4pm to 6pm. Faced with HIPAA, PCI, FISMA …
Last Friday Target issued an update acknowledging that encrypted PIN data were included in the data stolen in their recent breach. This quickly became a hot news segment and the social media was abuzz with renewed criticism of the retailer. Though the data technically was stolen, and I applaud Target for publicly announcing it, this …