• 08 Oct 2013

    Windows 8.1 changes/enhancements, BitLocker’s improvements, and related Windows mobile/security tips

    In addition to my independent information security assessments through my consultancy Principle Logic, I've been writing a ton...including a lot on Windows 8 and 8.1. Check out these new pieces published by my friends at TechTarget:What's old, what's new for the enterprise with Windows 8.1Understanding why Windows 8 for mobile is perfectly viable for enterprise use Don’t forget enterprise password protection in a merger or acquisition Three ways Sysinternals Process Explorer ...

    Continue Reading...
  • 07 Oct 2013

    Experiencing problems with authenticated web vulnerability scans? Try NTOSpider.

    You're performing authenticated web vulnerability scans, right? If you're not, you're missing out...big time. When performing authenticated scans, you'll find a whole different set of security flaws likely consisting of session fixation, SQL injection (that often differs among user role levels), weak passwords, login mechanism flaws, and perhaps...just maybe that beloved cross-site request forgery flaw that may or may not be exploitable or even matter in the context of what ...

    Continue Reading...
  • 06 Sep 2013

    Sprechen Sie Deutsch? Hacking For Dummies now in German!

    Check out the latest foreign-language edition of my book Hacking For Dummies:Hacking For Dummies is now in 6 languages: English, Estonian, German, Italian, Portuguese, and Simplified Chinese.Very cool. If you're like me and English is pretty much your only language, you can see more about that version here.Prost!...

    Continue Reading...
  • 14 Aug 2013

    Municipal information security weaknesses, hacking, careers, & committees

    Here's some new content I've written recently on various information security topics you might be interested in:Government Security: Uncovering Your Weaknesses (common vulnerabilities I see when performing security assessments for municipalities)Eight questions to ask yourself before moving to C-suite management (are you really sure you want to do this!?)IT career paths: Working for yourself is an attainable dream (if you want to stop working for the man)Top 9 ways to ...

    Continue Reading...
  • 12 Aug 2013

    You can’t see the light ’til you open your eyes…

    I noticed a lot of interesting topics/news coming from the Black Hat conference last week such as: SSH Communications Security Unveils General Availability Of SSH Risk Assessor ToolPreparing For Possible Future Crypto AttacksCrack of mobile SIM card crypto and virtual machine features could let an attacker target and clone a phone HTTPS Hackable In 30 Seconds: DHS AlertNo doubt, these are all worthy topics that will help improve information security over the ...

    Continue Reading...
  • 18 Jul 2013

    Authenticated vulnerability scan pains…Rapid7 to the rescue.

    Apparently the folks at Rapid7 have people working on their Nexpose team that have actually performed security assessments for a living. You see, Nexpose has this seemingly trivial feature that can create a world of difference in the life of a security practitioner - it's part of the Site Configuration (i.e. scan settings) called Test Credentials as seen in the following screenshot: Sanity brought about by people who use their own ...

    Continue Reading...
  • 16 Jul 2013

    Never forget this

    Although we strive to get others on our side, here's a good reminder from the late Richard Carlson that applies to IT and information security that we should always keep in mind:"The sooner we accept the inevitable dilemma of not being able to win the approval of everyone we meet, the easier our lives will become". Speaking of building your confidence and independence, here are some new articles I've written ...

    Continue Reading...
  • 15 Jul 2013

    Infosec-related quote that strikes a chord

    I always love bringing philosophy, leadership, and personal responsibility into the information security discussion and here's one of the best quotes I've come across that resonates across all industries and businesses large and small:"To see what is right and not do it is a lack of courage." - ConfuciusWhat can you say to that...?Let this be the fire within that you use to get (and keep) the right people on ...

    Continue Reading...
  • 04 Jun 2013

    The root of every infosec failure is…

    Time management expert Alec McKenzie once said what could be the most profound statement ever that applies directly to what we do (or don't do) in information security:"Errant assumptions lie at the root of every failure."How's your security program looking today?...

    Continue Reading...
  • 24 May 2013

    Quoted in the Wall Street Journal this week

    I was quoted in the Wall Street Journal (Tuesday May 21 edition)...it's a piece written by Gregory Millman talking about how senior executives are often at the root of information security problems. Check it out:Corporate Security's Weak Link: Click-Happy CEOs Top Bosses, Exempt From Companywide Rules, Are More Likely to Take Cyber-Attackers' BaitAs I've written in the past, this is a big problem in businesses both large and small based on what ...

    Continue Reading...

Resources

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

I’ve written/co-written 12 books on information security including one of the best-sellers of all time:


Hacking For Dummies, 8th edition penetration testing book

Tags

AI appsec basics books Career Networking careers censorship cervical instability CIO compliance coronavirus covid-19 cybersecurity data breaches discipline eagle syndrome hacking Hacking For Dummies health helmet communications incident response keynote speaker leadership NCAA football networking outsourcing passwords policy enforcement Power Four rare diseases resilience Russian hacking security security leadership security speaker social engineering speaking engagements tethered spinal cord tiktok time management underimplemented vulnerability and penetration testing web security willingness zero-based thinking

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.