The Secure Ideas Difference
We believe that security is a team sport, and we are constantly striving to improve our skills and knowledge so that we can better protect our clients. We are also committed to sharing our expertise with the wider community through training and speaking engagements.
Executive Leadership
Kevin Johnson
Kevin Johnson is CEO of Secure Ideas, a consulting company dedicated to security testing and training. Kevin passionately advocates for cybersecurity through his work with Secure Ideas, as a global board member for OWASP and as a faculty member at IANS. During his over 30 years in the industry, Kevin acted as an instructor and author for the SANS institute. He also contributed to a number of open-source projects, including OWASP SamuraiWTF (a web pen-testing training environment), Laudanum (a collection of injectable web payloads) and Yokoso (an infrastructure fingerprinting project) and was the founder and lead of the BASE project for Snort. Kevin has served as an expert witness in court cases involving cybersecurity.
Kevin began his IT career in system administration and application development. He went on to build incident response and forensic teams, architect security solutions for large enterprises and pen test everything from government agencies to Fortune 100 companies. He is the author of three SANS Institute classes: SEC542: Web Application Penetration Testing and Ethical Hacking, SEC642: Advanced Web Application Penetration Testing, and SEC571: Mobile Device Security. In 2010 Kevin established Secure Ideas, LLC.
Kevin understands that the path to security is through education and information sharing. As a result, Kevin participates in various podcasts and training activities. He is regularly invited to keynote cybersecurity events like ISSA, GrrCon, and ShowMeCon. He has also spoken at many conferences including RSA, DEF CON, OWASP, DerbyCon, ShmooCon, and BlackHat.
When not immersed in consulting, testing, and educating, Kevin loves spending time with his daughters and exploring woodworking and costuming with the 501st Legion.
Jason Gillam
Jason Gillam is Chief Information Officer (CIO) at Secure Ideas and an IANS faculty member. He has over 20 years of industry experience in enterprise software development, system architecture, and application security. Jason has spent most of his career in technical leadership roles ranging from startups to fortune 100 companies and has learned the business acumen necessary to advise everyone from developers to senior executives on security and architecture.
Jason co-built and managed an award-winning application security design and testing program at one of the world's largest financial institutions. He also provided numerous application security training and awareness briefings to large internal technical audiences and led the development of best practices code and documentation for the same. Jason is especially passionate about integration of security best practices with the SDLC.
Jason holds his CISSP and has conducted training and talks at numerous information security conferences including OWASP® AppSecUSA, Charlotte-Metro ISSA Summit, multiple BSides events (CLT, CHS, AVL, OKC), Hackfest (Canada), Carolinacon, and more. He is also the author of several Burp extensions including CO2 and Paramalyzer, and an active contributor to other open-source projects with a current focus on SamuraiWTF.
Andrew Kates
As the Chief Operations Officer, Andrew brings a wealth of experience in project management and a deep understanding of client organizations across diverse industries. With close to a decade of proven leadership as the former Business Development and Project Manager, Andrew has been instrumental in managing client expectations and driving growth for Secure Ideas.
Andrew's unique perspective, derived from both management expertise and a strong research background, enriches the Secure Ideas team, enabling them to consistently deliver exceptional results. A driving force behind the growth of the Professionally Evil brand and the Secure Ideas name, Andrew works tirelessly to expand the company's reach and impact.
Having earned a Bachelor of Arts degree in History from The University of North Florida, Andrew combines his academic foundation with a passion for innovation, empowering Secure Ideas to navigate and excel in the cybersecurity field.
In his role as the Chief Operations Officer, Andrew continues to lead with dedication and strategic vision, ensuring Secure Ideas remains at the forefront of success and excellence.
Eric Kuehn
Before coming to Secure Ideas, Eric spent close to 20 years working with Microsoft infrastructures for large Fortune 100 companies. Since its release, his core focus has been Active Directory. He was the technical leader and responsible for the engineering and architecture of one of the most complex and largest AD infrastructures used by one of the world’s largest banks. This included ongoing maintenance and major enhancements of not only a highly secure authentication environment, but also of all the supporting tool sets required to monitor its health and integrity. He also holds the CISSP certification.
This experience has given Eric a very strong knowledge of a variety of Microsoft products and best practices.
Mic Whitehorn
Meet Mic Whitehorn, an accomplished Senior Security Consultant and Development Lead at Secure Ideas, with a rich background in information security, penetration testing, and software development. With over a decade of technical consulting experience, Mic has successfully served diverse industries, including finance, marketing, insurance, entertainment, and pharmaceuticals.
Throughout his career, Mic has contributed significantly to the field of application security and penetration testing. His expertise extends to working with widely-used, modern technologies such as Node.js, serverless applications, and cloud services. Leveraging his in-depth understanding of application and browser behavior, Mic has been instrumental in safeguarding critical systems and sensitive data for his clients.
Having a developer's mindset, Mic approaches security challenges from multiple angles, providing unique insights and actionable recommendations. His belief in the power of collaboration has led him to forge strong partnerships with defenders, ensuring a holistic approach to cybersecurity that effectively mitigates risks.
Mic's passion for secure coding practices has influenced the development community positively. Through accessible training sessions, he shares his knowledge on secure coding methodologies, advanced web proof-of-concept development, and securing microservice API architecture, inspiring developers to create robust and resilient applications.
Recognized as an adept communicator, Mic effortlessly translates complex security concepts into practical guidance for stakeholders across all levels of an organization. From development teams seeking advice to executives making strategic decisions, Mic's ability to bridge the gap between technical intricacies and business implications makes him a sought-after expert.
In a rapidly evolving digital landscape, Mic Whitehorn remains at the forefront, dedicated to making the virtual world a safer place for businesses and users alike. His unwavering commitment to excellence and passion for information security continue to drive his pursuit of innovative solutions and cutting-edge methodologies.
Britiney Tackett
After spending 15 years mastering the intricacies of regulatory compliance and corporate governance in the legal field, Britiney made a bold pivot into cybersecurity that would prove to be a perfect blend of her legal expertise and passion for security. Since 2020, she has focused on developing her expertise in red teaming and penetration testing, bringing a unique legal perspective to identifying and addressing security vulnerabilities.
During her three years working with Florida state government agencies, Britiney helped streamline the procurement process by onboarding vendors to facilitate state agencies' access to essential cybersecurity products and services through the Florida Cyber Grant Program. Now, as a business development professional at Secure Ideas, Britiney channels her enthusiasm for penetration testing into helping organizations evaluate and understand their security challenges. Her rare combination of legal acumen and technical expertise makes her a trusted advisor who understands both compliance requirements and the practical aspects of security testing.
When she's not immersed in the world of cybersecurity, Britiney is an enthusiastic road cyclist and dedicated dog mom. You'll find her either exploring new biking routes, diving into epic battles in Destiny 2, or spending quality time with her beloved dogs, Pig and Bean.
Operations Crew
Meghan Olsen
Meghan Olsen is a Project Manager at Secure Ideas with her background encompassing online advertising, content creation, SEO strategy, analytics, and brand development. Before then, Meghan was the lead weather anchor for a local TV station in Western Montana where she learned to understand different audiences and be able to connect with them.
In her free time, she likes to bake sourdough bread, watch reality tv, and go to the beach with her husband, son, and two golden retrievers.
Natalia Jordan
After having lived a life as a science nerd, Natalia Jordan decided to embark on a new journey. She joined Secure Ideas as a Marketing and Content Analyst. Bringing with her a strong background in research, data analysis, and problem solving.
Natalia graduated from Wake Forest University and has spent over 10 years in the education sector. She finds science, education, and research fascinating. She is excited to apply her skills to the marketing analysis realm.
She loves cooking and food-or-drink related experiments. She especially loves cooking for friends and has been known to invade kitchens upon invitation. Natalia’s book collection is an ever-growing endeavor that feeds her reading addiction.
Laura Lee Cogbill
After nearly a decade in the legal field, Laura Lee Cogbill joined Secure Ideas as Financial
Operations Manager in 2024. Laura Lee brings a passion for research, organization, and exceptional
customer service to the position.
Laura Lee graduated with degrees in Spanish and English education from the University of Toledo
and spent a year at the Universidad de Alcalá de Henares in Spain. She taught high school Spanish,
Composition, and Honors English. Laura Lee then devoted her time to raising two daughters while
running a personal training business in Fort Mill, SC before becoming a personal injury paralegal.
Laura Lee delights in coffee, tattoos, beach or mountain time, and adventures with friends and
family. She is rumored to have a small, completely managed, not remotely alarming addiction to
books.
Jenee Rogers
Jenee Rogers is a Project Manager for Secure Ideas, coordinating and scheduling projects and tests for all clients. She works closely with both clients and consultants on a daily basis to ensure that projects are completed on time and on budget. As part of the many hats she wears, Jenee also helps set up and run training programs and webcasts for Secure Ideas.
Jenee has taken an unconventional route to becoming a Project Manager. The interest was ignited by her obsession with time and her friends’ need for a day of wedding coordinator. She has planned and worked multiple weddings as well as conferences including BSidesCLT, a Cyber Security conference in Charlotte, NC. Events like BSidesCLT helped spark her love for Lockpicking, in which she created her non-profit Locksport training group, Fox Pick. She and her team train at 10+ conferences per year to raise money for Hak4Kidz. She and Morgan (her husband) recently developed the brand new Locksport game, PicTacToeTM. Fox Pick built relationships in the Cyber Security community which allowed her to meet the Secure Ideas team who provided her the opportunity to learn and excel at Project Management.
Jenee graduated from UNC Charlotte with a degree in Software Information Systems and a minor in Computer Engineering. She is a Carolina Panthers fan, is absolutely obsessed with Futurama, and is fluent in American Sign Language and English.
Brenna Johnson
Brenna Johnson is a Project Manager and Accounting Specialist with Secure Ideas. She started on the team as an Office Assistant and transitioned over to Accounting and Project Management. She hopes to get her degree in Psychology and ultimately graduate with her PhD. Currently she is taking courses to better understand and help clients through Project Management. She currently has a certificate in Project Management through Google but aims to gain more.
When she isn’t learning she also enjoys Tae Kwon Do, Horseback Riding, and art.
Bea Gillam
Meet Bea Gillam, a passionate and creative individual with a flair for marketing and content creation. She has been apart of Secure Ideas since 2020 and has been assisting the Marketing Department by shaping compelling content that aligns with the company's mission of enhancing digital security.
Bea's passion for creativity extends far beyond her professional life. In her free time, she indulges in her love for writing and art, finding solace in the boundless world of imagination. Whether it's crafting captivating stories that transport readers to distant worlds or channeling her emotions into a sculpture, her artistic endeavors know no bounds.
With an innate ability to blend creativity and marketing, Bea brings a fresh perspective to the projects she undertakes. Her innovative ideas and out-of-the-box thinking have been an important asset to the Secure Ideas' Team.
Cameron Patalano
The Experts
Travis Phillips
Travis Phillips is a Senior Security Consultant with Secure Ideas. Before joining Secure Ideas, he worked in the medical field as a data analyst & web/software developer before moving on to information security doing SOC work. He later moved on to product security testing for embedded systems on several architectures and device types. Travis also enjoys CTF’s & wargames for hacking challenges as a pastime.
Travis has developed a strong skill set towards application security as a result of both working in the development and security fields, reviewing the security of applications in both roles. Travis enjoys teaching at local professional groups and conferences when he can and building tools to make security testing faster and easier.
Travis Phillips
Jon Knepp
Jon Knepp is a dedicated Senior Security Consultant at Secure Ideas, bringing over two decades of experience in systems administration, infrastructure architecture, and technical leadership. His extensive career has spanned sectors including Financial Services, Healthcare, Big Data Analytics, and the Oil & Gas industry, and has encompassed roles in organizations of all sizes, from agile startups to multinational corporations.
With a professional background that embraces both technical proficiency and business acumen, Jon has a comprehensive perspective on how an organization's scale and complexity can influence risk management. Understanding the importance of process and repeatability, Jon adeptly uses this knowledge to develop strategies tailored to address the unique security needs of each organization. An accomplished scripter, he has refined his skills in PowerShell since its emergence, creating key process integration automations essential to various roles throughout his career.
Jon is particularly passionate about supporting small to medium-sized businesses in their cybersecurity endeavors. In this vein, he has produced numerous webcasts specifically tailored for these organizations, offering valuable insights into building robust cybersecurity programs. By sharing his expertise and insights, Jon aims to empower these businesses to build stronger, more secure digital environments.
Bill McCauley
Bill McCauley is a Senior Security Consultant with Secure Ideas. He is a USAF Veteran and has worked with various electronics and IT systems over 20 years. His background covers a wide variety of industries including DoD, Healthcare, Education, Energy, and Security.
Bill has a strong interest in security, system administration, and training. His work experience includes system administration of various DoD and Healthcare systems within both Unix and Windows environments. He taught several Health IT classes for Lake Region State College. He has also spent a few years working with NERC CIP Compliance.
Bill holds a Bachelor of Science in Management/Computer Information Systems from Park University.
Cory Sabol
Cory Sabol is a Senior Security Consultant with a background in Artificial Intelligence, web development, and game development.
Cory has done substantial research on the topic of container security, focused primarily on Docker and Kubernetes. In addition to using these skills to identify and exploit misconfigurations during penetration testing engagements, Cory has taught workshops on this topic to other security professionals. Cory also has considerable experience with API security. He has developed custom API security testing frameworks and tooling.
Currently he is researching Artificial Intelligence security, and developing techniques and content on this subject.
Jennifer Shannon
Jennifer is a Senior Security Consultant with Secure Ideas with a background in malware analysis, penetration testing, and teaching. She graduated with honors from Florida State College at Jacksonville’s networking program. An avid computer geek for most of her life, she began her journey in cybersecurity as a SOC Analyst where she showed an aptitude for both penetration testing and malware analysis. She was quickly promoted into a role that capitalized on her abilities. She has experience performing penetration tests against web applications, mobile software and platforms, and social engineering.
Jennifer discovered a passion for computers and problem solving at a young age. She bought Steal This Computer Book 2.0, by Wallace Wang, with one of her first paychecks, and became enamored with hacking and cyber security. While pursuing her degree she dedicated time to teaching computing skills to underrepresented minorities. She is the co-leader for the TOOOL chapter in Jacksonville, FL. Jennifer continues to be passionate about teaching and is eager to share her knowledge with anyone who will listen.
In her free time, she likes gaming, playing around with SDR’s, and painting.
Aaron Moss
Aaron Moss is a Senior Consultant for Secure Ideas. With almost 20 years in various technical roles ranging from Helpdesk to IT Consultant to Director of IT Operations, he has expertise in multiple areas and disciplines. He particularly enjoys network pentesting, an area he specializes in.
Aaron is excited to be one of the co-founders and organizers for Oklahoma’s largest Information Security/Hacker conference, BSides Oklahoma. Participating in BSidesOK is a humbling and rewarding experience which allows him to connect with other IT and Security experts in Oklahoma and the surrounding states.
Outside of hacking all the things, he loves spending time with Jade (his wife) and family playing games of all kinds, watching Horror movies (especially slashers!), air drumming to Cannibal Corpse and Slayer, or making random gory and grotesque horror movie/haunted house props and masks.
Jordan Bonagura
With more than 20 years of experience in information security, Jordan is passionate about helping companies and clients protect their data and applications from threats and vulnerabilities. As a Principal Security Researcher he had led teams in conducting vulnerability management, risk assessments, penetration tests, and setting up boundaries to be compliant with standards for companies in different segments.
He contributed to significant projects, such as developing an integrated GNSS positioning system and an encryption communication protocol between ground and satellite at the Brazilian National Institute of Space Research. He also had the opportunity to speak at important security conferences around the globe, be a Professor and course coordinator at colleges, and also a consultant for the Brazilian police in crime solving.
Kathy Collins
Kathy Collins is a Security Consultant at Secure Ideas. She performs penetration testing, Scout services, and produces the bi-weekly Professionally Evil Podcast. Kathy studied Cybersecurity at Fullstack Academy New York, holds a CompTia Security+ certification, and she also holds the CISSP certification. Kathy’s background consists of 20 years of non-profit, education and corporate experience in the hospitality industry. She enjoys writing, 80’s horror movies, the outdoors, hands-on projects, cooking, and building and modifying mechanical keyboards.
Alex Rodriguez
Alex Rodriguez is a security consultant with experience in Linux systems administration, Infrastructure as Code development, container platforms, automation development, and various CI/CD platforms. In his roles at Secure Ideas, he is one of the main admins of their production systems and all things automation. He utilizes Amazon Web Services, terraform, packer, vagrant, ansible, and also gets to work with clients on improving their infrastructure through penetration tests. Besides client work and system administration, he loves giving workshops and presenting on his various projects to the community. When he is not working, he is listening to as many podcasts as he can while continually improving in security, blogging, and coding.
Doug Bigalke
Doug Bigalke is a seasoned security consultant with Secure Ideas, with experience performing penetration tests, security architecture reviews, and vulnerability assessments. In addition to this, Doug leverages a broad knowledge base in cloud infrastructure, including AWS and Azure, to support and maintain Secure Ideas internal infrastructure.
His tenure at Secure Ideas has been marked by his ability to streamline technical processes, which has led to significant improvements in the company's workflow and efficiency. Beyond this, Doug oversees the management of hardware assets, ensuring that each component of Secure Ideas' operations performs at optimal capacity.
Doug's industry experience extends beyond Secure Ideas. With a solid 15 years in the healthcare and financial sectors, Doug spent time developing data warehousing solutions and providing business intelligence insights. These experiences and his current role have afforded Doug a unique perspective on security needs across diverse sectors.
Doug's colleagues often describe him as the "salt of the earth," noting his down-to-earth nature and strong work ethic. Outside the confines of his professional life, Doug is an avid robotics enthusiast. His passion for building robots is peppered with a fascination for machine learning, a testament to his curiosity and eagerness to learn and grow continuously.
Josh Kemp
Josh Kemp is a dynamic and vibrant addition to the Secure Ideas team, where he takes on the role of a Security Consultant in Scout Services. His unconventional journey into cybersecurity started in the service industry, where he honed his expertise as a DJ and Bar Manager. Amid the melodies and mixes, Josh found a fascination with computers and information systems, revealing a natural inclination toward technology. This newfound passion sparked a career pivot, leading him to pursue a degree in Computer Information Technology. His background in the service industry and education have endowed him with a unique blend of skills to perform security assessments.
When Josh isn't meticulously inspecting systems for security vulnerabilities or studying to broaden his technical knowledge, he finds solace in his affinity for electronics. He enjoys delving into the intricate world of turntables and other small electronics, repairing and modifying them. This hobby not only exhibits his deep-rooted fascination for technology but also serves as a testament to his patience and meticulous attention to detail.
Simon Bremner
Meet Simon Bremner, a full-stack developer and an expert in user experience design (UX). With a keen focus on human/machine interfacing and data consumption patterns, Simon creates seamless and visually captivating digital experiences.
As a full-stack developer, Simon's expertise spans the entire web development spectrum, enabling him to craft feature-rich and intuitive applications. His extensive knowledge of various programming languages and frameworks empowers him to deliver exceptional user experiences.
With almost a decade of Graphic/Product Design experience, Simon's unique strength lies in understanding user behavior and psychology, shaping his user-centric approach to interface design. By prioritizing user needs and preferences, he ensures that his creations are not only aesthetically pleasing but also intuitive.
When Simon isn't working, you'll find him building guitar pedals, capturing moments through his photography, immersing himself in a new JavaScript framework, or kicking a soccer ball around.
David Young
Pablo Vergara
Meet Pablo Vergara, newest member of the Secure Ideas team. He comes to us from a unique and interesting background, having acquired degrees in English Literature and Professional Studies - with a core concentration in Information Security.
With over fifteen years as a quality assurance analyst and engineer, he brings a "tester's mindset" to the role and is well-versed in being a voice for the client. As a Quality Assurance Engineer, he learned the fundamentals of testing, from functionality through accessibility, and applied automation frameworks to his manual testing process, serving to provide immediate feedback to found issues. As a result, he developed an affinity for coding, especially in python. He tested front-end and APIs, but always kept Security top-of-mind, being the champion for ensuring the app was secured as much as it was of sound quality.
His previous experience in the food service industry has fostered a drive to work in a collaborative manner as part of a team towards a common goal. Hospitality is in his blood and is a trait that will be of a tremendous benefit to any engagement.
Pablo's passion for security testing coupled with a verve for continuous learning will prove advantageous as he progresses in his career. He live to share what he's learned and is enthusiastic to pass on what he's learned, by way of blogging or contributing to internal documentation.
When he's not writing a test script, or blog post, he's writing fiction and has a few projects in the works.
Ben Goodman
Ben Goodman
Giovanni Cofré
Joining the Secure Ideas team, Giovanni Cofré brings over 26 years of Information Technology
experience, focusing on securing and defending Corporate networks, Operational Technology
(OT) environments, and high-profile E-commerce sites since 2000. His passion for the
Information Security discipline is matched by a commitment to mentoring future Security
professionals, sharing his wide-ranging experience, and fostering a culture of Security
awareness. Giovanni's knowledge and skills span multiple industries in both the Private and
Public sectors, where he has successfully designed and implemented security frameworks to
protect infrastructures. He has led the development of robust Security programs, architecture
assessments based on CIS CSC, HITRUST, PCI, and NIST frameworks, and provided strategic
direction to mitigate risks across Corporate and OT platforms. Giovanni’s hands-on experience
in vulnerability scanning, penetration testing, and the creation of practical Security processes,
standards, and policies has made him a trusted advisor among peers.
Giovanni's career includes notable roles in the E-commerce and Energy industries, where he
trained and established secure coding practices, and guided maturing strategies for enterprise
environments. His dedication to leveraging environment focused practices to meet business
needs, combined with a passion for mentoring and knowledge sharing, defines his approach to
building resilient infrastructures and driving successful Security programs.
When not focusing on the Information Security arena, Giovanni enjoys time with his family,
participating in adventure sports, and sharing his love for sliding down the mountain sideways
as an AASI level 2 Snowboard Instructor
Giovanni Cofré
Why Secure Ideas?
Secure Ideas has been testing security systems since 2010, and its core testing competency is performed by consultants with at least ten years of IT experience each. Our primary goal in every penetration testing engagement is to help our clients improve their security posture. Here are a few other ways we stand out:
Mission
Though we are referred to as hackers, Secure Ideas was founded on a strong foundation of ethical security testing. Well defined rules of engagement, local and federal laws, and our clients' privacy are all critical considerations to us in every engagement.
Vision
You will never have to worry about Secure Ideas trying to pass off an automated scan as a penetration test. We make an effort to understand the technology and the current threat landscape to thoroughly test the security of IT systems and advise our clients accordingly.
Values
We place a high value on our relationships with our clients. It is not enough to just do a penetration test and write up a report. At Secure Ideas, we welcome follow-up conversations, feedback, and questions from our clients year-round.