About the author: Kevin Beaver is an independent information security consultant, speaker and expert witness with Atlanta-based Principle Logic, LLC. He has over 20 years of experience in the industry and specializes in performing independent information security assessments revolving around compliance and information risk management. Kevin has authored or co-authored seven books on information security, including the ethical hacking books Hacking for Dummies and Hacking Wireless Networks for Dummies (Wiley). He is also the creator of the Security On Wheels IT security audio books.
Contributions from Kevin Beaver
- Security lesson: Beating web application security threats
- Security lesson: How to test for common security defects
- Common software security oversights school
- Hacking For Dummies: Hacking Methodologies, Chapter 4
- Can security testing only happen in the production environment?
- The secrets to getting started in your software testing career
- Building solid security requirements
- How to gather security requirements for software projects and what to look for
- Where can I find software security test plan templates?
- Why current application security measures fail and what you can do about it
- Are there security concerns when porting from IIS to Apache?
- Security oversights in the cloud: Asking the tough questions
- Explaining software security responsibilities to the staff, QA department and management
- Cross-site scripting (XSS) explanation
- Beefing up SSL to ensure your applications are locked down
- Security best practices for today's Web applications
- Why use POST vs. GET to keep applications secure
- What to look for in future renditions of Web 2.0 application security
- How to get development, QA, security and compliance teams to play nice
- Is SQL injection really the guilty party in software application vulnerabilities?