security testing

SamuraiWTF 3.2 RELEASED!

We are really excited to announce that SamuraiWTF 3.2 is now available publicly.  This release is available at immediately and we hope you enjoy it. In this release we have updated a number of tools, addressed bug issues, and improved the target environments to better suit a training environment. We have also updated the …

SamuraiWTF 3.2 RELEASED! Read More »

CORS Global Policy

I recently noticed an uptake on Cross-Origin Resource Sharing (CORS) findings showing up in automated scanning tools, which would not have been a significant concern except for the fact that the tools were rating this as a relatively “high” severity and very few people I asked about it seemed to have any idea what it …

CORS Global Policy Read More »

Is that a Shark? — Common Security Mistakes Organizations Make

At Secure Ideas, we work with a large number of organizations. These range from small mom-and-pop businesses to international corporations and government agencies. In any of these examples, we find that CIOs and management make the same mistakes when it comes to dealing with their security issues. When people talk about security and risk, we …

Is that a Shark? — Common Security Mistakes Organizations Make Read More »

Comprehensive Testing: Red and Blue Make Purple Video

James Jardine and I held the Comprehensive Testing (Purple Teaming) webcast yesterday.  In this webcast we discussed how red teaming works, what it means to be a blue team member and how combining the testing of these roles improves the security of an organization.  We talked through various misconceptions and told a lot of stories. …

Comprehensive Testing: Red and Blue Make Purple Video Read More »

Professionally Evil Web Penetration Testing Class

Ever thought about being able to test the security of your web applications? Wanted to know how the Professionally Evil hack web services and applications?  Interested in upgrading your skills around attacking modern web applications? Well now you have your chance! Secure Ideas is excited to announce the latest in our course offerings.  We will be …

Professionally Evil Web Penetration Testing Class Read More »

Purple Teaming for Success

You know what blue teams and red teams are.  Red is our attack side, or the adversaries, and Blue is the defense side.  Unfortunately, we don’t see both teams working together in many situations.  Having a red team test your network or application provides a great service to understanding the weaknesses.  But this is not …

Purple Teaming for Success Read More »

Scroll to Top