-
19 Jun 2012 -
11 Jun 2012
Focus on yourself and reap the rewards in IT & infosec
If you're in to big-picture IT and information security stuff like, say, your career and focusing on what matters, here are some new bits I've written for TechTarget and Security Technology Executive magazine that you may be interested in:Five habits of highly-successful IT prosSocial networking strategies to further your IT careerFive ways to advance your Windows careerUnderstanding management gets your IT department what it needsRSA's look at the big pictureEnjoy! ...
Continue Reading... -
07 Jun 2012
The weakness of vulnerability scans that people (sadly) ignore
Those of us who live and breathe information security on a daily basis understand that vulnerability scans are only part of the information security assessment equation. We can't live without them but as I've outlined here we by all means cannot rely on them completely.I was just speaking with a colleague about this and came up with an analogy for our overdependence on external vulnerability scans in the name of ...
Continue Reading... -
06 Jun 2012
Great quote that applies to information security
“Follow the path of the unsafe, independent thinker. Expose your ideas to the danger of controversy. Speak your mind and fear less the label of ‘crackpot’ than the stigma of conformity.” – Thomas J. Watson, Jr.I've found that it's a great way to live your life too. :)...
Continue Reading... -
28 May 2012
Thank a veteran
Saw this, unsure who wrote it, but I really like it:It is the veteran, not the preacher, who has given you freedom of religion.It is the veteran, not the reporter, who has given you freedom of the press.It is the veteran, not the poet, who has given you freedom of speech.It is the veteran, not the protester, who has given you freedom to assemble.It is the veteran, not the lawyer, ...
Continue Reading... -
21 May 2012
Real-life example of people not seeing the big picture
The inability to think long-term, to see the bigger picture consequences of our choices, is no doubt at the root of most information security problems. Here's an example of what I'm talking about...what's wrong with this car?No, this isn't a race car with Hoosier racing slicks...it's a street car owned by someone working or shopping at a Wal-Mart who has chosen to drive with improper equipment. Like many people who ...
Continue Reading... -
18 May 2012
-
15 May 2012
IT’s malignant narcissism and what you can do to rise above the noise
IT department optimism does not translate into IT department budget. That's what Jonathan Feldman wrote about in this Information Week piece. Their study provides lots of interesting insight into how many working in IT see things compared to, well, the rest of the business. I'm not surprised. While we're on the subject, I've recorded a video on IT's role in fixing this problem and wrote a new piece for TechTarget's ...
Continue Reading... -
11 May 2012
Web application security assessment war stories
I spend a lot of time performing Web security assessments and every project is a neat learning experience for me. I'm always eager to share my Web security war stories, what to do and what NOT to do so here are some new pieces you may be interested in...From exploiting Web vulnerabilities to IT geek speak and a bunch of stuff in between, I hope there's something here for you:The ...
Continue Reading... -
10 May 2012
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
I’ve written/co-written 12 books on information security including one of the best-sellers of all time:
