• Is your approach to application security based in reality?

    02 May 2013

    I know I say this a lot here – I’ve been so busy writing that I’ve been remiss in posting my actual content. So…I’ve got some content on web and mobile application security and penetration testing this time around.

    You see, there are so many researchers, theories, and academic approaches to web and mobile security that it’s simply overwhelming. Much of it doesn’t apply to what businesses really need to be addressing anyway. Taking the 80/20 approach, what do you really need to focus on that’s going to provide the highest payoffs?

    Well, in the spirit of my book Hacking For Dummies (be sure to check out the new 4th edition), here are some tips I’ve written for my friends at TechTarget and Acunetix on some important web and mobile application security issues you need to be tuned in to beyond all the noise that’s out there:

    Don’t Let Problems Stop You From Carrying Out Web Application Testing  (before ‘Too Scared to Scan‘ was cool 😉

    Mobile app software: Avoid the perpetual cycle of insecurity

    Hybrid security: Beyond pen testing and static analysis

    Mac Malware Underscores Why You Can’t Ignore Web Security Threats

    Do You Scan with Network Security Controls Enabled or Disabled?

    Take Care in Handling the Results of Your Web Application Testing

    Much more to come on web and mobile security testing…It’s what I love doing and I’ve learned a tremendous amount while doing it over the past decade.

    In the meantime, check out my website for links to all of my other information security-related content.

    Cheers!

Resources

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

I’ve written/co-written 12 books on information security including:

 

Tags

AI appsec basics books Career Networking careers censorship cervical instability CISO CISSP cities coronavirus covid-19 cybersecurity data breaches eagle syndrome hacking Hacking For Dummies heads in sand health helmet communications incident response information risk keynote speaker leadership macOS NCAA football networking passwords Power Four rare diseases resilience Russian hacking security culture security leadership security speaker social engineering speaking engagements sql injection tethered spinal cord tiktok time management vulnerability and penetration testing web security zero-based thinking

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.