• 11 Dec 2011

    Windows security exploits, all over again

    There's a good bit brewing in the Windows world regarding security and I suspect 2012 will make for an interesting year...Here are some new pieces I've written for TechTarget along these lines where I cover Windows 8 and SharePoint security, using Metasploit to exploit flaws as well as some Windows security oversights I see in practically every internal security assessment I do. Enjoy!Patching and continuous availability in Windows Server 8SharePoint ...

    Continue Reading...
  • 21 Nov 2011

    Don’t turn a blind eye on the basics

    I'm all about shoring up the basics of Web security before throwing money at the situation. If you're interested in saving not only money but also time and effort, here are some new pieces I've written on Web security that you may be interested in: Explaining the why of Web application security Improving Web security by working with what you’ve got Not all Web vulnerability scans are created equal Why ...

    Continue Reading...
  • 13 Jun 2011

    New WebsiteDefender from @Acunetix worth a look-see

    The folks at Acunetix have a neat new product/service called WebsiteDefender. I've yet to try it myself but it looks promising - fills a nice niche.WebsiteDefender is an agent-based tool for websites and WordPress-based blogs that:Scans your site for security flawsDetects malware running on your siteAlerts you to suspicious web site activity including file changesThe obvious benefit is to have a more secure online presence but as Acunetix is marketing ...

    Continue Reading...
  • 06 Feb 2011

    Lessons on Web security threats and testing

    Here are some recent webcasts/podcasts I recorded for SearchSoftwareQuality.com (@SoftwareTestTT) on Web application security:Security Lesson: Beating Web application security threatsSecurity Lesson: How to test for common security defectsI feel like I'm just scratching the surface on this topic but, thinking about what's going on out there, many people have yet to realize there's even a problem. Focus on these basics and you're going to eliminate the large majority of Web ...

    Continue Reading...
  • 30 Aug 2010

    “New” Web security content to check out

    Here are several new links to some recent (and, due to my crazy year, not so recent) articles I've written for various TechTarget sites on the subjects of Web application and server security:Web server weaknesses you don't want to overlook (the "rest of the story" of Web flaws)SQL injection tools for automated testing (a must-have for your toolkit)Beefing up SSL to ensure your applications are locked down (good for some ...

    Continue Reading...
  • 21 Jul 2010

    Good Web application security resource

    In typical monster corporation style, Hewlett-Packard's Web site is painfully difficult to browse around, much less find what you're looking for when it comes to, well, pretty much anything. There is an exception however that benefits all of us in information security. It's HP's Application Security Center Resource Library. It's chock full of goodies from HP (and former SPI Dynamics) engineers, developers, and Web security evangelists.In addition to more recent ...

    Continue Reading...
  • 20 Jul 2010

    Sometimes it’s the little things that’ll get you

    If you're like me you've likely experienced in your daily life how something seemingly innocuous or too simple can create a big problem. Here's a new piece I wrote where I talk about this issue with regards to Web security:Web security oversights: Don’t overlook the “small” stuffWith information security there's usually no need to sweat the small stuff....just don't overlook it altogether!...

    Continue Reading...
  • 07 Apr 2010

    Tools & techniques for hacking Windows servers & workstations

    Ever wonder how Windows servers get hacked? Perhaps you're unsure of which approach you need to use the get the most out of your security testing at the server and desktop levels? Or you may be wondering what you need to do to lock down Windows-based Web servers? Maybe you're curious about how Windows Server 2008 R2 stands up to security tests?Well, I've got just what you need to know ...

    Continue Reading...
  • 26 Mar 2010

    What’s the biggest Web vulnerability?

    Here's a new piece I wrote called The Top Web Vulnerability We Face. It's something I suspect will be around for a long, long time. I'm curious if you agree?...

    Continue Reading...
  • 05 Feb 2010

    Looking past Layer 7 – Web security is more than the app

    Here's a bit I wrote on why we need to look deeper than the application when testing our Web security:Looking past Layer 7...it's the little, often overlooked, things that'll get you....

    Continue Reading...

Success expert Brian Tracy shares his thoughts on Kevin:

Resources

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

Kevin has written/co-written 12 books on information security including one of the best-sellers of all time:


Hacking For Dummies, 8th edition penetration testing book

Tags

AI appsec basics books Career Networking careers censorship cervical instability CIO compliance coronavirus covid-19 cybersecurity data breaches discipline eagle syndrome hacking Hacking For Dummies health helmet communications incident response keynote speaker leadership NCAA football networking outsourcing passwords policy enforcement Power Four rare diseases resilience Russian hacking security security leadership security speaker social engineering speaking engagements tethered spinal cord tiktok time management underimplemented vulnerability and penetration testing web security willingness zero-based thinking

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.