• 06 Feb 2017

    Getting to know your network with Managed Switch Port Mapping Tool

    In my years performing independent network security assessments, one thing that has really stood out to me is the lack of network insight. Regardless of the size of the organization, the industry in which they operate, and the level of security maturity, in most cases, I see IT and security shops with very little:documentationinventoryconfiguration standardslogging and alerting outside of basic resource monitoringWhat this means – and what it can easily ...

    Continue Reading...
  • 21 Mar 2016

    Network complexity + intrusions = you’re not on top of things as much as you think.

    Here are some new articles and guest blog posts that I've written on the subject of network complexity, intrusions, and how most people have a false sense of security. Enjoy!Dealing with today’s information systems complexityNetwork complexity: Bad for Business, Great for Job SecurityKnowing the warning signs of network intrusionsDuring and after a breach, all eyes are on youFive network security lessons learned from the Sony Pictures hackA perspective on the ...

    Continue Reading...
  • 22 Mar 2012

    Don’t underestimate the value of firewall rulebase analysis

    Are firewalls sexy? No...but you must understand that they're an integral part of your overall information risk equation. From configuration flaws to rulebase anomalies to overall system inefficiencies, your firewall rulebases can make or break security, business continuity and other critical parts of your IT operations.Last week, AlgoSec's Nimmy Reichenberg and I recorded a webinar titled How to Automate Firewall Operations, Simplify Compliance Audits and Reduce Risk that you may ...

    Continue Reading...
  • 15 Mar 2012

    Flaws, compliance and the Cybersecurity Act of 2012

    Here are some new pieces I've recently written that you may be interested in...big things in security we need to have on our radar: Six Security Flaws on Your Network Right Now Find the Most Flaws By Balancing Automated Scans with Manual Analysis Compliance is just the beginning New and not-so-new security twists in the Cybersecurity Act of 2012 Enjoy! Be sure to check out www.principlelogic.com/resources.html for links to all ...

    Continue Reading...
  • 09 Mar 2012

    My upcoming webcast on firewall management

    Join me and AlgoSec's Nimmy Reichenberg next week for a unique discussion on strategies for improving firewall management.We all know it's the elephant in the room...Today's enterprises have firewalls that are so complex and so fragile yet no one's really taking care of them. Any processes that do exist around rule management, rule changes and firewall risk analysis are often manual - and oh so painful.I know, I know, firewalls ...

    Continue Reading...
  • 11 Oct 2011

    What can you really say about your network?

    Here's a new guest blog post I wrote for AlgoSec (a Roswell, Georgia-based company with some really solid firewall management applications) where I talk about something near and dear to all of us in IT:Do you really understand your network?...it's more than just a sappy relationship. :-)By the way, in case you missed it, I wrote a whitepaper for AlgoSec recently that you may be interested in as well:Firewall Management: ...

    Continue Reading...
  • 26 Sep 2011

    Common firewall management challenges whitepaper

    Here's a new whitepaper I recently wrote on the ins and outs - and dos and don'ts - of managing enterprise firewalls:Firewall Management: 5 Challenges Every Company Must AddressIn the paper I cover things such as rules and regulations impacting firewall management, assessing firewall policy risks, managing changes and being able to prove where things stand with your firewalls at any given point in time.Enjoy!...

    Continue Reading...
  • 02 Apr 2008

    FTP bad for sensitive information…and lives?

    When I first saw this headline, I thought to myself: Who's the detective that figured this out!? [tongue in cheek]FTP Sites Vulnerable to Data BreachesFTP poses risks?? Uh, yeah! It's just like another technology or host on the network. If it's software, addressable via IP, and has a user login prompt - then, it's undoubtedly going to have holes that are exploited eventually. Especially when network admins and security managers ...

    Continue Reading...
  • 06 Dec 2007

    When seconds count, how long will it take for you to respond?

    I was listening to Neal Boortz's radio talk show this morning about the tragedy that occurred at the Omaha mall yesterday. A caller brought up the old saying "When seconds count, the police are only minutes away." This made me think about all the organizations out there who don't have an IT-centric incident response plan - or at least don't have one that's adequate enough to respond to real security ...

    Continue Reading...

Resources

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

I’ve written/co-written 12 books on information security including one of the best-sellers of all time:


Hacking For Dummies, 8th edition penetration testing book

Tags

AI appsec basics books Career Networking careers censorship cervical instability CIO compliance coronavirus covid-19 cybersecurity data breaches discipline eagle syndrome hacking Hacking For Dummies health helmet communications incident response keynote speaker leadership NCAA football networking outsourcing passwords policy enforcement Power Four rare diseases resilience Russian hacking security security leadership security speaker social engineering speaking engagements tethered spinal cord tiktok time management underimplemented vulnerability and penetration testing web security willingness zero-based thinking

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.