I've always been a fan of Acunetix Web Vulnerability Scanner. It's a lesser-known tool that packs a big punch. One of its most redeeming qualities is its password checking. As I mentioned in this post, Acunetix Web Vulnerability Scanner took what was going to be a basic assessment of an Outlook Web Access system with very few findings up many notches into a true penetration of the system...all thanks to ...

Here's a new piece I wrote called The Top Web Vulnerability We Face. It's something I suspect will be around for a long, long time. I'm curious whether you agree...

Hot off the press...OK, hot off the computer - I've written an ebook on Web application security threats published by SearchSoftwareQuality.com - a great application development/QA site that's part of the TechTarget family.

Download it and learn more about:
- New Web application security challenges
- Assessing your Web application security
- Beating common Web security attacks
- Hacking your own applications
- Web application security best practices

It's free - just sign up for it at Bitpipe.com...

I was recently talking to a client about how we need to start up a company with a Twitter acquisition as our exit strategy that scans for malicious URLs in the tinyurl, bit.ly, etc. links that are posted on Twitter. Twitter beat us to the punch. It's actually pretty difficult to comprehend that it's taken them this long to fix such a big problem. Nice to see some innovation where ...

Here's a bit I wrote on why we need to look deeper than the application when testing our Web security:

Looking past Layer 7...it's the little, often overlooked, things that'll get you...

Better think things through when giving up the reins and letting a third-party Web hosting or colo provider run the show:

When using a Web hosting provider can be bad - really bad - for your business

You'd think Network Solutions would have better security controls in place. When will people pull their heads out of the sand? Maybe never?

Speaking of this specific vulnerability, here's a recent bit I wrote on Acunetix's blog ...

Here are my latest information security articles and a podcast focusing on Web security and document security. Enjoy!

First, my Web security articles:
- Changes coming to the OWASP Top 10 in 2010 (read the comments too, I stirred the puddin' with this piece!)
- Free Web proxy tools you need to get to know
- Securing Web servers in Windows environments

...and a document security podcast (this is a really interesting story if you haven't heard about ...

I subscribe to Merriam-Webster's "Word of the Day" and saw today's word is rectify. Here's the example sentence they used:

"The night before the Web site was to go live, the programmers worked frantically to rectify several unresolved security problems."

Too funny! ...and sadly, all too common. Hey, at least they were working to fix the security issues before it went live! ;-)...

Here's my latest information security content...many more to come soon! Hope these prove to be of value to you.
- Finding cross-site scripting (XSS) application flaws checklist
- The Windows Report - Analyzing the IT Job Market (podcast)

Be sure to check out www.principlelogic.com/resources.html for all of my information security articles, podcasts, webcasts, screencasts, my Twitter updates, and more...

I "tweeted" about this but I had to post it here as well. I just realized that my new article for SearchSoftwareQuality.com on XSS actually executes JavaScript when loading because of some sample code I inserted into it! It's not actual XSS but looks like it! Ah, the irony.

Finding cross-site scripting (XSS) application flaws checklist

BTW, I'm working on getting it resolved...