• 16 Sep 2015

    My new content: Regulating security pros, network security, and locking down Windows

    Here are some recent pieces I've written on information security that you might be interested in:Why regulating information security professionals is a bad thingYour network versus the cloud – what’s more secure?Solving major security infrastructure issues around interoperabilitySoftware-defined security: The future of network security?The biggest obstacle to securing Windows Server 2012Hidden vulnerabilities on your IIS 8 serversTighten Windows 8.1 security in five simple steps As always, my other information security ...

    Continue Reading...
  • 09 Apr 2014

    Windows XP: Goodbye my love…well, not really.

    Windows XP...ah, the memories!I wrote many of my books including the first two editions of Hacking For Dummies and the first edition of The Practical Guide to HIPAA Privacy and Security Compliance originally on Windows XP - not to mention countless articles, security assessment reports and more over a 7-8 year span.It was nice working with you XP!I waited to write this post today, the day after all the Windows ...

    Continue Reading...
  • 02 Oct 2012

    Windows server and workstation security essentials

    Over the past couple of months I was so focused on writing new content that I've been remiss in posting it online. Here are some tips, thoughts and general opinions around Windows server and workstation security:Desktop backup oversights that can get you into a bindFree open source security tools for finding and fixing Windows flawsMobile security and how you can no longer ignore its impact on enterprise desktop management Why ...

    Continue Reading...
  • 05 Dec 2011

    What happens when third-party patches are ignored

    The majority of people I speak with claim they have no means for patching third-party software. As Kelly Jackson Higgins mentions in her recent Dark Reading blog post regarding the rash of Java exploitations, when third-party software goes unmanaged, bad things can happen.It's great that Metasploit has a a module for Java exploitation - something that'll not only benefit me in my security assessments but will also help bring to ...

    Continue Reading...
  • 14 Nov 2011

    For incidents, preparation is key…But you’ve been hacked, now what?

    Here are some new pieces I've written for TechTarget and Security Technology Executive magazine on compliance that you may be interested in:Preparing for an incident at the workstation levelDevelop a Flight PlanHow to know if your website has been hacked As always, be sure to check out www.principlelogic.com/resources.html for links to all of my information security whitepapers, podcasts, webcasts, books and more....

    Continue Reading...
  • 06 Oct 2011

    My latest bits on Windows 7, Microsoft SCM and Metasploit

    Here are some new pieces I've written for my friends at TechTarget on Windows security that you may be interested in including bits on the often overlooked but oh so valuable Security Compliance Manager and Metasploit:Using Windows 7 management tools to your advantageGetting to know Security Compliance ManagerWhy aren’t you using Metasploit to expose Windows vulnerabilities?You know the deal, be sure to check out www.principlelogic.com/resources.html for links to all of ...

    Continue Reading...
  • 19 Sep 2011

    Windows ASLR, APTs, server malware protection and common patching gaps

    Here are some new pieces I've written for the TechTarget sites SearchWindowsServer.com and SearchEnterpriseDesktop.com on Windows (in)securities in the enterprise including a bit on the over-hyped and misunderstood APT threat (is that like "ATM machine"?) which I got to see first hand while working on a project that involved one of the Operation Shady Rat victims:The APT threat to Windows environmentsWhy you need address space layout randomization in Windows Server ...

    Continue Reading...
  • 16 Sep 2011

    My new paper on BitLocker’s hidden costs

    I've been a fan of Microsoft BitLocker since it first came out. It provides a cheap and easy way for users to lock down their laptops and mobile storage devices and is especially helpful in small businesses where security knowledge is scarce at best. Although BitLocker protection can be bypassed, it's still better than nothing - like WEP for wireless networks.Anyway, if you're considering BitLocker as your disk encryption solution, ...

    Continue Reading...
  • 25 Jun 2011

    Exchange incident response, ASLR & common Windows security mistakes

    From Exchange to Windows Server to Windows at the desktop, here are some new pieces I've written about Microsoft security that you may be interested in:Six commonly overlooked Exchange security vulnerabilitiesSolidify Your Exchange Server Incident Response Plan10 most common security mistakes people are still makingWhy you need address space layout randomization in Windows Server 2008 R2Enjoy!As always, be sure to check out www.principlelogic.com/resources.html for links to my 500+ articles, whitepapers, ...

    Continue Reading...
  • 26 Mar 2011

    Viewfinity’s latest privilege management offering

    I had the opportunity to meet up with my colleague Matt Stubbs with SnappConner on a recent visit to Salt Lake City. One of the things we discussed was Viewfinity's new privilege management software release.Viewfinity provides a public or private cloud solution to locking down Windows desktops including:getting your arms around administrator-level privileges (perhaps once and for all?)allowing users to install permitted applications, printers, etc.blocking/whitelisting of applicationsCheck out this screencast ...

    Continue Reading...

Success expert Brian Tracy shares his thoughts on Kevin:

Resources

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

Kevin has written/co-written 12 books on information security including one of the best-sellers of all time:


Hacking For Dummies, 8th edition penetration testing book

Tags

AI appsec basics books Career Networking careers censorship cervical instability CIO compliance coronavirus covid-19 cybersecurity data breaches discipline eagle syndrome hacking Hacking For Dummies health helmet communications incident response keynote speaker leadership NCAA football networking outsourcing passwords policy enforcement Power Four rare diseases resilience Russian hacking security security leadership security speaker social engineering speaking engagements tethered spinal cord tiktok time management underimplemented vulnerability and penetration testing web security willingness zero-based thinking

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.