-
04 Jul 2011Cloud insecurities, when are they going to end?
This week's post is about cloud security - technically, lack thereof...Check out these new pieces I've written for Security Technology Executive and Acunetix:Dark Cloud Looming?What’s your take on cloud security?Enjoy!As always, be sure to check out www.principlelogic.com/resources.html for links to my 500+ articles, whitepapers, podcasts, webcasts, books and more....
Continue Reading... -
27 Jun 2011
The value of partial code scanning, now
Check out my new piece on the business value of partial code scanning where I outline why it's better to start your source code analysis now instead of waiting around until certain milestones of your development projects are reached or your software applications are completed altogether.It's kind of funny and ironic that we humans are all about instant gratification, yet with information risk issues such as source code analysis, we ...
Continue Reading... -
25 May 2011
Web appsec compliance & low-hanging fruit – it’s all up to us!
Here are some recent pieces I wrote on Web application security common sense for my colleagues at Acunetix that you may be interested in:But Compliance is Someone Else’s Job!Low-hanging fruit becomes big news with the 2011 Verizon Data Breach reportGoing Beyond Confirmed Web Security FlawsEnjoy!As always, be sure to check out www.principlelogic.com/resources.html for links to my 500+ articles, whitepapers, podcasts, webcasts, books and more....
Continue Reading... -
23 May 2011
Sony PlayStation discussion download
In case you missed our Sony PlayStation Security Fiasco roundtable discussion last week, here's a link to the MP3 recording.Enjoy!...
Continue Reading... -
04 May 2011
From culture to products to malware to breaches – where do you stand?
Here are some new opinion pieces on information security management that I wrote for Security Technology Executive magazine that you may be interested in:Don’t end up on the wrong side of a data breachFighting the malware fight all over again9 good reasons not to buy information security productsSecurity best practices without question?How's your security culture?Enjoy!As always, be sure to check out www.principlelogic.com/resources.html for links to all of my information security ...
Continue Reading... -
26 Apr 2011
What’s this “firewall” you speak of??
It seems that #firewalls are making a comeback. Of course, I felt compelled to throw in my two cents worth so here are some new pieces I wrote for the fine folks at SearchNetworking.com on firewalls and firewall management:Firewall change management and automation can curb human errorDo Web application firewalls complicate enterprise security strategy?Planning a virtualization firewall strategyEnjoy!As always, be sure to check out www.principlelogic.com/resources.html for links to all of ...
Continue Reading... -
24 Apr 2011
Tidbits on enterprise mobile security
Here are some recent pieces I wrote for SearchEnterpriseDesktop.com on the subject of mobile security that you may be interested in:Securing the new desktop: enterprise mobile devicesSecurity tools that can boost Windows Mobile and Windows Phone 7 securityWhole disk encryption gotchas to look out forEnjoy!As always, be sure to check out www.principlelogic.com/resources.html for all of my information security articles, whitepapers, podcasts, webcasts and more....
Continue Reading... -
01 Apr 2011
Web security tidbits on developers, leadership, weak passwords & more
Here are a few pieces I've written recently on Web application security you may be interested in...things that affect each and every one of us working in IT and infosec:I wouldn’t want to be a developer these daysDon’t overlook the importance of authenticated testingYou can’t change what you tolerateTesting for weak passwords: a common oversight without a great solutionHow often should you test your web applications?Notable changes in the PCI ...
Continue Reading... -
01 Apr 2011
Time management + getting over your job title in IT
Here are some IT career bits I wrote for TechTarget's SearchWinIT.com that you may be interested in:Time management strategies for the IT proYour title is worthless; your value is priceless This is the best time ever to focus on these things.Enjoy!Also, be sure to check out www.principlelogic.com/resources.html for all of my information security articles, podcasts, webcasts, screencasts and more....
Continue Reading... -
20 Mar 2011
Getting your ducks in a row with cloud compliance
Cloud, cloud, cloud - it's all we're hearing about these days. Frankly I'm over the hype - have been for a while...But whether or not we buy into all this hoopla over "the cloud", the technologies and associated security risks and compliance headaches aren't going anywhere. With that here are a couple of new pieces I've written for SearchCompliance.com that you may be interested in:The cloud’s compliance complexities you cannot ...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
Kevin has written/co-written 12 books on information security including one of the best-sellers of all time:
