• 18 Aug 2014

    A resource to help with PCI DSS 3.0’s penetration testing methodology requirements

    PCI DSS has been getting a lot of buzz lately and the latest version 3.0 will continue gaining momentum until the many small and medium-sized businesses get their arms around the new requirements. Of particular interest is the updated requirement 11.3 (below) which is much more prescriptive on how to find the actual security flaws that matter. I've always believe that you can't secure what you don't acknowledge...PCI DSS 3.0 ...

    Continue Reading...
  • 05 Aug 2014

    Are you stuck in this information security rut?

    Here's a new post I wrote for Rapid7's blog that I think you might like...There’s nothing really new in the world in which we work. Every problem you face in information security has already been solved by someone else. Why not use that to your advantage? There’s no time for baby steps in security. Sure, you need to “walk before you run” by thinking before you act. That comes in ...

    Continue Reading...
  • 18 Jul 2014

    How to communicate Web security to management, must-have security testing tools, and compliance in the cloud

    Check out these new pieces I've written and recorded on Web application and cloud security. If you follow the things I recommend on communication (first three links), you can absolutely transform your information security program and the way that people perceive you as an IT professional.Communicating with Management about Web Security, Part 1 - Knowing What You're Up AgainstCommunicating with Management about Web Security, Part 2 - Prioritization and Sending ...

    Continue Reading...
  • 10 Jun 2014

    Pitching your ideas in IT

    If you work in IT, your communication and selling skills are more important than anything you can ever do technically. This includes "pitching" your ideas to your audience - typically management and users. As a speaker, I often struggle with new approaches for pitching my ideas.Here's a good Success.com Q&A with Shark Tank's Daymond John to help remind us of what people are looking for. I especially like where Daymond ...

    Continue Reading...
  • 04 Jun 2014

    More Web security vulnerability assessment, audit, and pen testing resources

    I've been busy in the world of Web security testing - both with work and with writing. Check out these new pieces on the subject. I suspect I'll tick off a "researcher" or two given my business angle and 80/20 Rule-approach of focusing on the most problematic areas of Web security...Still, I hope that these are beneficial to you and what you're trying to accomplish in your organization: Key Web ...

    Continue Reading...
  • 14 May 2014

    Web security vulnerability testing and management resources you need

    Here are some recent pieces I've written that can make or break your success in information security: - See more at: http://securityonwheels.blogspot.com/#sthash.YEhOcnEF.dpufHere are some recent pieces I've written that can make or break your success in information security: - See more at: http://securityonwheels.blogspot.com/#sthash.YEhOcnEF.dpufHere are some recent pieces I've written that can make or break your success in information security: - See more at: http://securityonwheels.blogspot.com/#sthash.YEhOcnEF.dpufHere are some recent pieces I've written ...

    Continue Reading...
  • 01 May 2014

    Running vulnerability scans over VPN connections

    If you haven't yet, you'll likely run into a situation where you need to run vulnerability scans over a VPN connection (i.e. for remote office networks). Well, certain scanners won't scan over "raw sockets" - the underlying communication method for certain VPN connections. Other scanners can't even connect to a remote network at all because they're caught up in their own little virtual machines that you cannot add a VPN ...

    Continue Reading...
  • 30 Apr 2014

    Things that impact careers in information security

    Here are some recent pieces I've written that can make or break your success in information security:Open your eyes and you’ll see the lightSteering your career as a desktop admin in the mobility ageThe mindset of everyday employees and their impact on securityWhy a CIO's relationship with enterprise IT security is importantBe sure to check out the hundreds of security articles, webcasts, and more I've written/developed over the past 12 ...

    Continue Reading...
  • 22 Apr 2014

    6 reasons information security causes global warming

    In keeping with the divorce and everything Capitalist or conservative causes "global warming" movement, how about this:Information security causes global warming (or cooling, or whatever it needs to be called today)I really believe we have a "crisis" on our hands and here's why: The need for IT security controls is a negative side-effect of Capitalism - man bettering himself if you will. If we didn't have computers and the Internet, ...

    Continue Reading...
  • 11 Apr 2014

    Heartbleed – the biggest Web security problem ever???

    I just came across this piece from NewsFactor: Is Heartbleed the Biggest Web Security Threat Ever? and couldn't help but chime in. Contrary to popular hype, I don't think the biggest web security issue we face (now or ever) is a technical problem...instead, it's something with hair on top like I talked about here.As with the hype over the Target breach and the gloom and doom over Windows XP's end ...

    Continue Reading...

Success expert Brian Tracy shares his thoughts on Kevin:

Resources

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

Kevin has written/co-written 12 books on information security including one of the best-sellers of all time:


Hacking For Dummies, 8th edition penetration testing book

Tags

AI appsec basics books Career Networking careers censorship cervical instability CIO compliance confidentiality covid-19 cybersecurity data breaches defensibility discipline eagle syndrome executive management hacking Hacking For Dummies helmet communications incident response keynote speaker leadership NCAA football networking outsourcing passwords patching policy enforcement Power Four rare diseases resilience security security leadership social engineering tethered spinal cord threat intelligence tiktok time management underimplemented vulnerability and penetration testing web security willingness zero-based thinking

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.