• 02 Dec 2015

    How effective is your security program? New content and, perhaps, some new ideas.

    Slow going on the posts lately - too busy writing for other websites! :-) So, here's some of my latest for you - this time on the subject of information security management and running an effective security program:Information security is not stagnant but dynamicThe mishandling sensitive data: Do you really know what you don’t know?Security Decision-Making: When Decisions Are Based on Fear Rather Than FactState of the Network study: How ...

    Continue Reading...
  • 16 Sep 2015

    My new content: Regulating security pros, network security, and locking down Windows

    Here are some recent pieces I've written on information security that you might be interested in:Why regulating information security professionals is a bad thingYour network versus the cloud – what’s more secure?Solving major security infrastructure issues around interoperabilitySoftware-defined security: The future of network security?The biggest obstacle to securing Windows Server 2012Hidden vulnerabilities on your IIS 8 serversTighten Windows 8.1 security in five simple steps As always, my other information security ...

    Continue Reading...
  • 23 Jun 2015

    HIPAA Security Rule compliance tips, advice, and resources

    There's a lot going on in the world of healthcare, including HIPAA compliance. This applies not only to healthcare providers, insurance companies, and the like but also any business and subcontractor that does business in this space.If you or someone you know falls under this umbrella, here are a few things I've written over the past several months that can help: What Security Professionals Need to Know about HIPAA‘Yes, HIPAA ...

    Continue Reading...
  • 22 Dec 2014

    Some vulnerability + penetration testing content to send off 2014

    Here are some pieces I've written recently on determining just how "fit" your network and application environment really is. Whether you're an IT auditor, penetration tester, IT admin, or security consultant, there's some stuff for you:How to perform a (next-generation) network security audit Don’t overlook details when scoping your Web application security assessmentsTop gotchas when performing email phishing tests How to take a measured approach to automated penetration testingFive steps ...

    Continue Reading...
  • 27 Aug 2014

    My new webcast on securing your Web environment against denial of service attacks

    I saw a recent study that found that distributed denial of service attacks are getting larger and larger.The thing you need to be thinking about is how you're going to prevent and respond when your Web presence becomes a target.Well, good timing, because I just recorded a new webcast for my friends at SearchSecurity.com on this very topic...In Proven Practices for Securing Your Website Against DDoS Attacks, I have a ...

    Continue Reading...
  • 22 Aug 2014

    CISOs, lawyers, awareness training, and other infosec blunders you need to know about

    I've been super busy putting my twisted thoughts on paper...here are a few pieces you might enjoy:When your lawyer becomes your CISO  The compliance crutch holding up Corporate AmericaThe fallacy of information security awareness and trainingThe one skill worth mastering in ITQuantifying the disconnect between the business and securityThe critical item that’s missing from most IT security programsWhat's your one hot button security item? Top detractors of security oversight The funny ...

    Continue Reading...
  • 05 Aug 2014

    Are you stuck in this information security rut?

    Here's a new post I wrote for Rapid7's blog that I think you might like...There’s nothing really new in the world in which we work. Every problem you face in information security has already been solved by someone else. Why not use that to your advantage? There’s no time for baby steps in security. Sure, you need to “walk before you run” by thinking before you act. That comes in ...

    Continue Reading...
  • 18 Jul 2014

    How to communicate Web security to management, must-have security testing tools, and compliance in the cloud

    Check out these new pieces I've written and recorded on Web application and cloud security. If you follow the things I recommend on communication (first three links), you can absolutely transform your information security program and the way that people perceive you as an IT professional.Communicating with Management about Web Security, Part 1 - Knowing What You're Up AgainstCommunicating with Management about Web Security, Part 2 - Prioritization and Sending ...

    Continue Reading...
  • 04 Jun 2014

    More Web security vulnerability assessment, audit, and pen testing resources

    I've been busy in the world of Web security testing - both with work and with writing. Check out these new pieces on the subject. I suspect I'll tick off a "researcher" or two given my business angle and 80/20 Rule-approach of focusing on the most problematic areas of Web security...Still, I hope that these are beneficial to you and what you're trying to accomplish in your organization: Key Web ...

    Continue Reading...
  • 14 May 2014

    Web security vulnerability testing and management resources you need

    Here are some recent pieces I've written that can make or break your success in information security: - See more at: http://securityonwheels.blogspot.com/#sthash.YEhOcnEF.dpufHere are some recent pieces I've written that can make or break your success in information security: - See more at: http://securityonwheels.blogspot.com/#sthash.YEhOcnEF.dpufHere are some recent pieces I've written that can make or break your success in information security: - See more at: http://securityonwheels.blogspot.com/#sthash.YEhOcnEF.dpufHere are some recent pieces I've written ...

    Continue Reading...

Success expert Brian Tracy shares his thoughts on Kevin:

Resources

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

Kevin has written/co-written 12 books on information security including one of the best-sellers of all time:


Hacking For Dummies, 8th edition penetration testing book

Tags

AI appsec basics books Career Networking careers censorship cervical instability CIO compliance coronavirus covid-19 cybersecurity data breaches discipline eagle syndrome hacking Hacking For Dummies health helmet communications incident response keynote speaker leadership NCAA football networking outsourcing passwords policy enforcement Power Four rare diseases resilience Russian hacking security security leadership security speaker social engineering speaking engagements tethered spinal cord tiktok time management underimplemented vulnerability and penetration testing web security willingness zero-based thinking

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.