-
05 Dec 2011What happens when third-party patches are ignored
The majority of people I speak with claim they have no means for patching third-party software. As Kelly Jackson Higgins mentions in her recent Dark Reading blog post regarding the rash of Java exploitations, when third-party software goes unmanaged, bad things can happen.It's great that Metasploit has a a module for Java exploitation - something that'll not only benefit me in my security assessments but will also help bring to ...
Continue Reading... -
21 Jul 2011
Thomas Paine knew his infosec
Here's a great infosec quote from statesman Thomas Paine:"Our greatest enemies, the ones we must fight most often, are within."This applies to both malicious insiders and ourselves as each of us certainly tend to get in our own way when it comes to making things happen with security....
Continue Reading... -
26 Aug 2010
Good new book on security awareness
I have to admit, when my colleague Marcos Christodonte first approached me about reviewing his new security awareness book, Cyber Within, I thought here's yet another book on boring old security awareness. I was wrong. Cyber Within takes a very unique (suspense novel-like) approach to address the problem we have with employees and information security. And it works.The book is a quick read - just 47 pages - but it's ...
Continue Reading... -
05 Feb 2010
My latest information security content
Here are my latest information security articles covering policies, internal threats and employee monitoring, and (when all else, fails) incident response. Enjoy!Security policy oversights and mistakes we keep makingThe real deal with internal security threatsMonitoring user activity with network analyzersLack of incident response plan leaves hole in compliance strategyIncident response – the often overlooked component of business continuityAs always, be sure to check out www.principlelogic.com/resources.html for all of my information ...
Continue Reading... -
29 Jan 2009
Pros and cons of information hiding
I just read this good article on steganography and started thinking about the potential uses and misuses of this technology.So, do you have a need to hide information on mobile systems/devices to keep prying eyes away in the event of theft or loss? Sounds like a good application for it. Although given the current state of mobile security [mostly nada] I can't imagine too many people would go this far ...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
I’ve written/co-written 12 books on information security including one of the best-sellers of all time:
