• 04 Jun 2009

    My new security vulnerability scanning service

    Well, I'm officially on the SaaS market. I've just launched my security vulnerability scanning service for both basic external security scans as well as the PCI Council's mandated Authorized Scanning Vendor (ASV) scans. Here's what I just posted on my Web site: Whether you need to minimize your investment in information security and compliance, you’re in need of an easy way to discover the low-hanging vulnerabilities, or you need help certifying your ...

  • 16 Apr 2009

    Something you need to know about all-in-one scanners

    I've been approached a couple of times in the past few weeks regarding the "scanner" and "vulnerability management" vendors that are touting their all-in-one approach to security vulnerability assessments and compliance scans. The interest has been around PCI DSS and specifically Rapid7's solutions (apparently their marketing folks are doing a good job). There are other vendors coming into the space as well including a big one being announced at RSA ...

  • 13 Apr 2009

    My latest security content

    OK, here's my latest information security content. For starters, here are two articles I wrote for SearchSoftwareQuality.com: "Common software security risks and oversights" and "The role of quality assurance pros in software security" ...as well as a follow-up to a previous SearchEnterpriseLinux.com article: "A look at real-world exploits of Linux security vulnerabilities". I've said it before and I'll say it again, be sure to check out www.principlelogic.com/resources.html for all of my information security articles, podcasts, webcasts, ...

  • 20 Mar 2009

    My latest security content

    I've got some new information security content you may be interested in. First off, here's an article I wrote for SearchWinIT.com: "Will a degree or certification help enhance your IT career?" ...and one I wrote for SearchEnterpriseDesktop.com: "Why should Windows shops use Microsoft Baseline Security Analyzer?" ...and finally a webcast I just recorded for SearchSoftwareQuality.com: "Essential Elements of Web Application Penetration Testing". As always, check out www.principlelogic.com/resources.html for all of my information security articles, podcasts, webcasts, screencasts ...

  • 02 Dec 2008

    My latest security content

    Here's a Q&A I put together with the author of a great new book on Web security testing: "Recipe for successful Web application security testing". Here's a podcast I recorded for SearchEnterpriseDesktop.com: "Security Policies for Windows Systems" ...and here's an article I was interviewed for SearchCIO-Midmarket.com that you may find interesting: "SOA, SaaS and SOAP: CIOs drowning in sea of IT acronyms". Be sure to check out www.principlelogic.com/resources.html for all of my information security articles, podcast ...

  • 12 Nov 2008

    Excellent resource for hacking goodies

    Check out Adrian Crenshaw's site: www.irongeek.com. It's chock full of good insight on some hard-to-find hacking tricks. Good video demos as well. I had the pleasure of meeting Adrian when I keynoted the Louisville ISSA conference last month. Very nice and knowledgeable guy....

  • 28 Oct 2008

    My latest security content

    Here are two articles I wrote for SearchEnterpriseDesktop.com: "Enhancing patch management with NAP" and "Unauthenticated vs. authenticated security testing". Here's an article I wrote for SearchSQLServer.com: "New security features in SQL Server 2008 leave some work for you" ...and finally a podcast I just recorded for SearchEnterpriseDesktop.com: "Security Policies for Windows Systems". Be sure to check out www.principlelogic.com/resources.html for all of my information security articles, podcast interviews, webcasts, screencasts and more....

  • 14 Mar 2008

    My security content from this week

    Here's a webcast I recorded recently for SearchWindowsSecurity.com: "Vulnerability Testing Blunders, Oversights, and Common Mistakes You Must Avoid" ...and a podcast interview with Mike Rothman: "Hacker-Proof Your Applications". For all of my past information security content be sure to check out www.principlelogic.com/resources.html....

  • 07 Sep 2007

    How secure is your law firm’s extranet?

    Do you work for a law firm that provides a client Web portal that houses extremely sensitive case information (or other similar system that allows a client to manage their own data)? If so, chances are there are weaknesses in the system waiting to be exploited. Be it the commonly-used SharePoint or any other commercial or home-grown system, all it takes for someone with ill intentions to create a problem ...
