• 04 Jun 2019

    Here’s a BIG mobile security exposure you may be overlooking

    With security, if your goal is to minimize your maximum regret, there's a lot to be thinking about. User behaviors involving mobile devices are at the heart of some of the larger business risks, especially if you're like the majority of businesses I see and support bring your own device (BYOD) For phones and tablets. Well, here's something that you may have thought about in passing but haven't done anything ...

    Continue Reading...
  • 05 Dec 2016

    Using NowSecure for automated mobile app testing

    As an independent information security consultant, I'm always looking for good testing tools to rely on for my work. These tools, such as vulnerability scanners, network analyzers/proxies, and related manual analysis tools, are not the be-all-end-all answer for uncovering security weaknesses, but they are a very important aspect of what I do. Be it more generic vulnerability scans, a targeted penetration test, or a broader, more in-depth, security assessment, I ...

    Continue Reading...
  • 19 Aug 2014

    CommView for WiFi – a great option for wireless network analysis

    Several years ago I wrote about the neat WEP/WPA recovery tools offered as part of TamoSoft's wireless network analyzer called CommView for WiFi. Well, those tools are no longer available but CommView for WiFi is as relevant as ever. I've been using it for years. It seems that it hasn't changed a ton other than some UI and packet analysis enhancements - probably just oversights on my part since I ...

    Continue Reading...
  • 30 Apr 2014

    Things that impact careers in information security

    Here are some recent pieces I've written that can make or break your success in information security:Open your eyes and you’ll see the lightSteering your career as a desktop admin in the mobility ageThe mindset of everyday employees and their impact on securityWhy a CIO's relationship with enterprise IT security is importantBe sure to check out the hundreds of security articles, webcasts, and more I've written/developed over the past 12 ...

    Continue Reading...
  • 08 Oct 2013

    Windows 8.1 changes/enhancements, BitLocker’s improvements, and related Windows mobile/security tips

    In addition to my independent information security assessments through my consultancy Principle Logic, I've been writing a ton...including a lot on Windows 8 and 8.1. Check out these new pieces published by my friends at TechTarget:What's old, what's new for the enterprise with Windows 8.1Understanding why Windows 8 for mobile is perfectly viable for enterprise use Don’t forget enterprise password protection in a merger or acquisition Three ways Sysinternals Process Explorer ...

    Continue Reading...
  • 24 May 2013

    Quoted in the Wall Street Journal this week

    I was quoted in the Wall Street Journal (Tuesday May 21 edition)...it's a piece written by Gregory Millman talking about how senior executives are often at the root of information security problems. Check it out:Corporate Security's Weak Link: Click-Happy CEOs Top Bosses, Exempt From Companywide Rules, Are More Likely to Take Cyber-Attackers' BaitAs I've written in the past, this is a big problem in businesses both large and small based on what ...

    Continue Reading...
  • 02 May 2013

    Is your approach to application security based in reality?

    I know I say this a lot here - I've been so busy writing that I've been remiss in posting my actual content. So...I've got some content on web and mobile application security and penetration testing this time around.You see, there are so many researchers, theories, and academic approaches to web and mobile security that it's simply overwhelming. Much of it doesn't apply to what businesses really need to be ...

    Continue Reading...
  • 28 Feb 2013

    Mobile app security assessments

    I wrote recently about performing source code analysis for mobile apps. I'm seeing some crazy stuff that I didn't think I'd see in mobile apps (but I'm not really surprised) related to session manipulation, hard-coded cryptographic keys and the like which underscores the importance of the exercise.But there's another side to mobile app security assessments - it's simply manual analysis. That is poking around with the apps and the mobile ...

    Continue Reading...
  • 12 Feb 2013

    Mobile app security testing – are you checking for all the flaws?

    I plan to write a related post soon on my mobile app security assessments. In the meantime, I wanted to share a tool with you that plays a key role in mobile app security: Checkmarx CxDeveloper (or perhaps more appropriately called CxSuite).If you're a developer, QA professional, security manager, or IT generalist, this is a good tool to have for all of those gotta-have-now apps that everyone is throwing together ...

    Continue Reading...
  • 09 Dec 2012

    What do credibility, BYOD, & mobile security have in common?

    They're the topics of three new pieces I've written!I can't believe I've been writing more than ever lately but haven't kept up with my posts accordingly. In the interest of catching up, here's some new content I've written on mobile security, BYOD, and IT/security careers:Credibility is the cornerstone of your careerAs BYOD, cloud change networking, VPN management still indispensibleTop 10 reasons we have our heads in the sand over mobile ...

    Continue Reading...

Success expert Brian Tracy shares his thoughts on Kevin:

Resources

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

Kevin has written/co-written 12 books on information security including one of the best-sellers of all time:


Hacking For Dummies, 8th edition penetration testing book

Tags

AI appsec basics books Career Networking careers censorship cervical instability CIO compliance coronavirus covid-19 cybersecurity data breaches discipline eagle syndrome hacking Hacking For Dummies health helmet communications incident response keynote speaker leadership NCAA football networking outsourcing passwords policy enforcement Power Four rare diseases resilience Russian hacking security security leadership security speaker social engineering speaking engagements tethered spinal cord tiktok time management underimplemented vulnerability and penetration testing web security willingness zero-based thinking

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.