Here's a new whitepaper I recently wrote on the ins and outs - and dos and don'ts - of managing enterprise firewalls:
Firewall Management: 5 Challenges Every Company Must Address
In the paper I cover things such as rules and regulations impacting firewall management, assessing firewall policy risks, managing changes and being able to prove where things stand with your firewalls at any given point in time. Enjoy!...
Whatever your approach to managing IT and information security, here's a new bit I wrote for Security Technology Executive magazine on fixing what needs to be fixed before you do ANYTHING else:
Fix Your Low-Hanging Fruit or Forever Hold Your Peace
Once you have the urgent flaws on your most important systems out of the way, here are some pieces I wrote for SearchCompliance.com on dealing with compliance while, ...
Here are some new pieces I've written for the TechTarget sites SearchWindowsServer.com and SearchEnterpriseDesktop.com on Windows (in)securities in the enterprise including a bit on the over-hyped and misunderstood APT threat (is that like "ATM machine"?) which I got to see first hand while working on a project that involved one of the Operation Shady Rat victims:
The APT threat to Windows environments
Why you need address space layout randomization in Windows Server ...
I've been a fan of Microsoft BitLocker since it first came out. It provides a cheap and easy way for users to lock down their laptops and mobile storage devices and is especially helpful in small businesses where security knowledge is scarce at best. Although BitLocker protection can be bypassed, it's still better than nothing - like WEP for wireless networks. Anyway, if you're considering BitLocker as your disk encryption solution, ...
Depending on where you're at with your Exchange "maturity model", here are a few pieces I've written for SearchExchange.com about Microsoft Exchange security oversights, policies and plans to help you along the way:
How to write an effective data retention policy for Exchange
Solidify Your Exchange Server Incident Response Plan
Common Exchange Security Oversights
Enjoy! As always, be sure to check out www.principlelogic.com/resources.html for links to my additional information security articles, whitepapers, podcasts, webcasts, books ...
Check out my latest book published by Realtimepublishers.com: In Implementation Strategies for Fulfilling and Maintaining IT Compliance I share strategic and tactical methods for getting your arms around the compliance beast. You can download all the chapters (below) for free by signing up on Realtime's site. They've got a ton of other good content too. Here's the low down: Businesses are struggling more and more with the compliance requirements being pushed on them ...
I'm speaking at the Information Week/Dark Reading Virtual Trade Show How Security Breaches Happen and What Your Organization Can Do About It. My session is titled How to Win the War Against Cybercrime and starts at 2:30pm ET. Here are a few words about it: What are you doing to avoid becoming the next Wikileaks, Google, or Sony? Despite the fact that businesses will spend over 50 billion dollars worldwide ...
I think I could write about Web application security every hour of every day... there's just so much involved with building secure apps, proper security testing, getting (and keeping) management on board and so on... But I wouldn't want to torture you in that way. Anyway, here are a few bits you may be interested in:
Properly scoping your Web security assessments
The cure for many Web application security ills
How much ...
Here are some new bits I've written about IT and information security careers. First, what you can do to stand out above the noise and move your career ahead:
How IT pros can boost their worth -- and their salaries
...and second, what management can do to keep IT and security professionals interested in their jobs and on board with the business:
How to retain your IT talent
8 best ...
I just got back in town from doing a video shoot on cloud security with my friends and colleagues at TechTarget in Boston (man, I love that city). Anyway, I feel compelled to share with you a few of TechTarget's websites that I write for and I know they have lots of others with all sorts of information security, compliance and IT content. Here you go:
SearchCompliance.com
SearchEnterpriseDesktop.com
SearchEnterpriseLinux.com
SearchWinIT.com
SearchSQLServer.com
SearchMobileComputing.com
SearchSoftwareQuality.com
SearchNetworking.com
SearchSecurityChannel.com
...all of their sites are ...