  • 02 Apr 2010

    THE process for successful Web security testing

    Here's a new piece I wrote for SearchSoftwareQuality.com where I talk about the lifecycle of testing for Web security flaws. From obtaining buy-in to reporting to the stakeholders, it's a process you need to master. Security testing best practices for today's Web 2.0 applications...

  • 01 Apr 2010

    Two B I G reasons to secure your home computers/network

    Here's a crazy story: burglar breaks into a home, uploads child pornography on the family computer, and tries to frame the husband of his co-worker who he had a crush on. If this isn't a good enough reason to secure your home computers, I don't know what is. Not to mention your wireless network. How'd you like one of those creeps we used to see on Dateline's To Catch a Predator doing ...

  • 30 Mar 2010

    A couple of neat things about WebInspect

    If you're into finding the Web security flaws that matter, HP's WebInspect should be on your short list of prospective Web vulnerability scanners. Over the past six months WebInspect has repeatedly found a couple of items that I know I otherwise wouldn't have uncovered or been able to exploit to the extent I did. The first is SQL injection. WebInspect does a very good job finding the actual flawed inputs but ...

  • 29 Mar 2010

    Don’t forget about XSS *behind* the login prompt

    Don't assume that your Web security concerns stop at the login prompt. Here's a new piece I wrote where I talk about cross-site scripting (XSS) and whether or not it matters for logged-in users: Authenticated XSS - problem or not?...

  • 29 Mar 2010

    Got Linux security on your mind?

    Here's a new webcast and accompanying podcast I recently recorded for SearchEnterpriseLinux.com where I share some insight and opinions regarding the biggest weaknesses I'm seeing with Linux today...and what you can do about it: Tightening down Linux security (webcast), Tightening down Linux security (podcast)...

  • 27 Mar 2010

    Windows DirectAccess – VPN killer or not?

    Here's a new piece I wrote for SearchEnterpriseDesktop.com on Windows 7's/2008's new DirectAccess app: Using Windows 7's DirectAccess to enhance the mobile user experience... it's actually pretty cool and worth checking out....

  • 26 Mar 2010

    Why the rich keep getting richer and the poor keep getting poorer

    Contrary to what Senator Max Baucus (Democrat) recently said about the forthcoming healthcare deform that's being forced upon us: “Too often, much of late, the last couple three years the mal-distribution of income in America is gone up way too much, the wealthy are getting way, way too wealthy, and the middle income class is left behind. Wages have not kept up with increased income of the highest income in America. ...

  • 26 Mar 2010

    I do not like it Uncle Sam

    Here's a good one going around the Internet that I just love: I do not like it Uncle Sam, I do not like it Sam I am. I do not like these dirty crooks, I do not like how they cook books. I do not like when Congress steals, I do not like their secret deals. I do not like this Speaker Nan, I do not like this 'YES WE CAN'! ...

  • 26 Mar 2010

    Great tool to check for weak Web passwords

    I've always been a fan of Acunetix Web Vulnerability Scanner. It's a lesser-known tool that packs a big punch. One of its most redeeming qualities is its password checking. As I mentioned in this post, Acunetix Web Vulnerability Scanner took what was going to be a basic assessment of an Outlook Web Access system with very few findings up many notches into a true penetration of the system... all thanks to ...

  • 26 Mar 2010

    What’s the biggest Web vulnerability?

    Here's a new piece I wrote called The Top Web Vulnerability We Face. It's something I suspect will be around for a long, long time. I'm curious if you agree?...
