I recently came across some content in a book outlining the benefits of SSL. The author depicted a scenario where SSL is in place to help the user authenticate the server/site he's connecting to and if a certificate-related error popped up in the browser then the user would know that the site was malicious and (presumably) not continue on with the connection. This very situation is an example of how ...
Here are several new links to some recent (and, due to my crazy year, not so recent) articles I've written for various TechTarget sites on the subjects of Web application and server security:
Web server weaknesses you don't want to overlook (the "rest of the story" of Web flaws)
SQL injection tools for automated testing (a must-have for your toolkit)
Beefing up SSL to ensure your applications are locked down (good for some ...
Over the past few days Twitter, security blogs, and news columns have been going crazy with the newly-discovered SSL/TLS flaw. Man, you'd think it's the next WEP exploit discovery. The security sky is falling...we must retreat. Seriously, is this thing a big deal? Not in my opinion - at least not in all but 99.9% of any given situation. But what do I know? I'm just the security guy that sees ...
When most companies claim Web "security" they tout SSL like I mentioned here. I've had trouble figuring out why the buck stops there...maybe because they're being written by people in marketing?? Anyway, LinkedIn finally got it right. The security stipulation in their privacy policy goes beyond SSL:
In order to secure your personal information, access to your data on LinkedIn is password-protected, and sensitive data (such as credit card information) is protected ...
I just stumbled across this "worry-free" policy located on an e-commerce site. Very cute...yet sad that a lot of people think SSL and "trust seals" are all that's needed to secure sensitive information in Web apps.
***
Your information is safe with us. SOME~ONLINE~STORE ensures your safety and security by employing the highest level internet security system available. All information you provide us via this web site is encrypted using an SSL ...
I was ordering some Aqua Globes today (I don't normally fall for these as-seen-on-TV products but this one seems to fit a need I have) and saw on their site a bold statement of "100% SECURE SITE". You can see it here. Apparently the same folks that have infiltrated other e-commerce sites claiming "HACKER PROOF". Wow - what a BOLD statement! I wonder how often they test their site/application using automated scanners ...
Here's my one information security article from this week that you may be interested in. For all of my past content be sure to check out www.principlelogic.com/resources.html.
The Fallacy of SSL
Enjoy!...