• 21 Sep 2012

    Perhaps the biggest & most widespread security gaffe of all

    ...

    Continue Reading...
  • 11 Sep 2012

    GoDaddy: ‘Malfunction’ as the new scapegoat?

    We've been hearing about 'computer glitch' for a while. That's what the talking heads on the news always cite when something goes awry with a computer system. Perhaps 'malfunction' is the new scapegoat? That's the route GoDaddy is taking. They say it was a 'malfunction', not hacking, that took them and presumably hundreds of thousands (millions?) of other systems offline for hours yesterday.I'm sure it had nothing to do with ...

    Continue Reading...
  • 16 Aug 2012

    You can’t buy security for $1, but some people will fall for it

    I recently deposited a check at a giant monster mega bank that's continually trying to sell me new services and the teller asked: "Would you like to buy identity theft protection for just $1 today?"Wow, really...so you're saying my personal information will be safe and secure for a mere $1...!? Amazing...but no thanks. Sadly, many in management are like the average consumer: they just don't realize what it takes to ...

    Continue Reading...
  • 14 Aug 2012

    Aiming for the CISSP? Check out this book.

    I recently completed the technical edits for the new book CISSP For Dummies, 4th edition. It's a great book (not because of my contribution!) that I wish I would've had when I was studying for my CISSP test back in 2001. If you're prepping for the CISSP exam or just want to brush up on the fundamental concepts of information security, this book is a must-have. Just keep in mind ...

    Continue Reading...
  • 08 Aug 2012

    Pressure washer v. university data center…guess who wins?

    Oops, Georgia State University forgot to check their data center for leaks. Okay, I'm not going to pick on my friends at GSU. In their defense you cannot - in any way, shape, form or fashion - predict or plan for every possible disaster recovery/business continuity scenario or outcome. But a threat exploiting a weakness that knocks phones and Internet access out for five hours, this is a great example. ...

    Continue Reading...
  • 24 Jul 2012

    This week’s webcast on common sense security

    Join me and Phil Owens of GFI tomorrow (Wednesday July 24, 2012) as we wax poetic about what it really takes to have a reasonable layered security defense against malware:Defense in Depth: The Layered Approach to IT Security Crashed systems, data theft, decreased productivity, revenue loss, reputation loss – today’s malware threats can cause critical damage to your business. IT professionals, now more than ever, need a method of in-depth protection ...

    Continue Reading...
  • 24 Jul 2012

    Interesting quote on human psyche that relates to infosec

    I just saw the following quote from publisher Malcolm Forbes that underscores the very essence of the problems we see in information security, business and life in general:"Too many people overvalue what they are not and undervalue what they are."Indeed, so many people want to control or break down (they're one in the same) others because their own lives are out of control. They simply don't believe in themselves. Like ...

    Continue Reading...
  • 10 Jul 2012

    With all the recent hype and hoopla over Windows 8 and Server 2012, I thought I'd throw in my two cents into the Microsoft analysis arena...here are some recent pieces I've written that you may be interested in:Thoughts and considerations around the forthcoming System Center 2012 Configuration ManagerWhy the simple Windows 8 Metro interface may not benefit usersMicrosoft Security Compliance Manager enhances desktop securityA first look at Microsoft Office 15 ...

    Continue Reading...
  • 09 Jul 2012

    What NTOSpider offers the appsec world

    I feel like I've said it a million times: you cannot rely on just one Web vulnerability scanner. There are simply too many vendors doing too many checks across too many websites and applications. The complexity of what needs to be tested is enormous not to mention the quality of the Web vulnerability scanners on the market (tip: you get what you pay for). Well, NTObjectives' NTOSpider is a perfect ...

    Continue Reading...
  • 20 Jun 2012

    Want to know the traits of top infosec leaders?

    Join me in 24 hours for my webinar with EC-Council (the folks behind the CEH, Certified Ethical Hacker, certification) titled Four Traits of Successful Information Security Leaders.I'll share with you my experiences and mistakes as an information security leader as well some observations I've made of those at the top of their game over the past 11 years I've spent working for myself. There will be a Q&A at the ...

    Continue Reading...

Resources

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

I’ve written/co-written 12 books on information security including one of the best-sellers of all time:


Hacking For Dummies, 8th edition penetration testing book

Tags

AI appsec basics books Career Networking careers censorship cervical instability CIO compliance coronavirus covid-19 cybersecurity data breaches discipline eagle syndrome hacking Hacking For Dummies health helmet communications incident response keynote speaker leadership NCAA football networking outsourcing passwords policy enforcement Power Four rare diseases resilience Russian hacking security security leadership security speaker social engineering speaking engagements tethered spinal cord tiktok time management underimplemented vulnerability and penetration testing web security willingness zero-based thinking

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.