• 16 Apr 2012

    Basic features of WebInspect – the kind of stuff great scanners are made of

    Wondering what helps minimize the pain, stress and time required to run effective Web vulnerability scans? It's the things you can see in the toolbar of HP's WebInspect: Start/Resume, Pause - because you're going to need to pause and resume your scans at some point.Rescan - because you're going to want to re-run the scan again or re-test for the flaws uncovered previously.Compare - because you're going to have a ...

    Continue Reading...
  • 17 Dec 2011

    WebInspect: How SQL injection testing *should* be done

    SQL injection is arguably the grandest of all security vulnerabilities. It can be exploited anonymously over the Internet to gain full access to sensitive information - and no one will ever know it occurred. Yet time and again it's either: overlooked by people who don't test all of their critical systems from every possible angle overlooked by people who haven't learned how to properly use their Web vulnerability scanners overlooked ...

    Continue Reading...
  • 28 Mar 2011

    A quick review of WebInspect 9 shows HP’s still got it

    It's been a long time coming but it's finally here: HP's WebInspect version 9. I've been using WebInspect for nearly 10 years now and I believe this new version of WebInspect is one of the most significant upgrades they've put out. They've essentially taken what was already one of the best Web vulnerability scanners and have made it better, especially when it comes to workflow and streamlined usability.A few things ...

    Continue Reading...
  • 07 Sep 2010

    The key to accurate and insightful Web security scans

    You've likely found that Web vulnerability scanners aren't just point-and-click. Maybe so for relatively simplistic marketing websites but not for complex applications. In fact, one of the greatest ways to get a grand false sense of security is to turn a Web vulnerability scanner loose on your site/application and assume everything of consequence has been discovered and audited.The thing is we're now seeing an entirely new set of Web applications ...

    Continue Reading...

Resources

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

I’ve written/co-written 12 books on information security including one of the best-sellers of all time:


Hacking For Dummies, 8th edition penetration testing book

Tags

AI appsec basics books Career Networking careers censorship cervical instability CIO compliance coronavirus covid-19 cybersecurity data breaches discipline eagle syndrome hacking Hacking For Dummies health helmet communications incident response keynote speaker leadership NCAA football networking outsourcing passwords policy enforcement Power Four rare diseases resilience Russian hacking security security leadership security speaker social engineering speaking engagements tethered spinal cord tiktok time management underimplemented vulnerability and penetration testing web security willingness zero-based thinking

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.