• 21 Oct 2011

    Users making security decisions is your Achilles’ heel

    I recently came across some content in a book outlining the benefits of SSL. The author depicted a scenario where SSL is in place to help the user authenticate the server/site he's connecting to and if a certificate-related error popped up in the browser then the user would know that the site was malicious and (presumably) not continue on with the connection. This very situation is an example of how ...

  • 18 Oct 2011

    Keynoting the NKU 2011 Security Symposium next week

    If you happen to be in the Cincinnati, OH area next Friday, October 28th, I'd love it if you could join me as I give the keynote presentation for the Northern Kentucky University 2011 Security Symposium. I'll be talking about mobile security problems and solutions and it looks like they've lined up tons of great content and speakers. Hope to see you there!...

  • 17 Oct 2011

    Dan Wheldon’s crash a harsh reminder

    IndyCar lost a great driver yesterday. When I first heard of Dan Wheldon's crash and death I couldn't believe it. I'm a big IndyCar fan and felt like I knew him - especially with the commentary he has been providing on Versus' coverage of IndyCar this year. Driving a race car myself - albeit at a *much* different level - I can't help but question the risks of what I do. ...

  • 11 Oct 2011

    What can you really say about your network?

    Here's a new guest blog post I wrote for AlgoSec (a Roswell, Georgia-based company with some really solid firewall management applications) where I talk about something near and dear to all of us in IT: "Do you really understand your network?" ...it's more than just a sappy relationship. :-) By the way, in case you missed it, I wrote a whitepaper for AlgoSec recently that you may be interested in as well: Firewall Management: ...

  • 06 Oct 2011

    My latest bits on Windows 7, Microsoft SCM and Metasploit

    Here are some new pieces I've written for my friends at TechTarget on Windows security that you may be interested in including bits on the often overlooked but oh so valuable Security Compliance Manager and Metasploit: "Using Windows 7 management tools to your advantage"; "Getting to know Security Compliance Manager"; "Why aren’t you using Metasploit to expose Windows vulnerabilities?" You know the deal, be sure to check out www.principlelogic.com/resources.html for links to all of ...

  • 05 Oct 2011

    Join me at the CDW – TechTarget seminar in Phoenix next week

    If you happen to be in or around Phoenix, AZ next Thursday October 13th, I'd love it if you could join me at the TechTarget / CDW seminar: Predictive Security: Plan Ahead to Stay Ahead of the Next Threat. I'll be giving the keynote and combined breakout session in addition to the sessions provided by other vendor experts. We'll close out with a lively Q&A that I know you'll enjoy. If you ...

  • 05 Oct 2011

    Information security’s bond with e-discovery is strengthening

    We're seeing more and more how information security and e-discovery go hand in hand. Here are two new pieces I've written that delve into the subject. I hope you enjoy. "Information security’s tie-in with the e-discovery process"; "Lax enterprise mobile device management hampers e-discovery". As always, be sure to check out www.principlelogic.com/resources.html for links to all of my information security whitepapers, podcasts, webcasts, books and more....

  • 04 Oct 2011

    Should You Ban Facebook at the Office?

    In the whitepaper To Block or Not. Is that the Question?, Palo Alto Networks explores the issue of "Enterprise 2.0" applications such as Facebook, Skype, Twitter and YouTube and how users are now in control of the network. Meanwhile, IT staff is saying "just block it!" and users say "just don't block it!," but it's not that simple. As the whitepaper points out, the real answer lies in your ability ...

  • 27 Sep 2011

    Web security essentials: something old and something new

    Here are some new bits I've written on Web security that you may be interested in. First a bit on SQL injection - the greatest Web flaw of all in my humble opinion: "SQL Injection – The Web Flaw That Keeps on Giving". And a bit on how to use your users to your advantage to minimize Web security risks: "Getting users on your side to improve Web security" ...and finally a piece on ...

  • 26 Sep 2011

    Common firewall management challenges whitepaper

    Here's a new whitepaper I recently wrote on the ins and outs - and dos and don'ts - of managing enterprise firewalls: "Firewall Management: 5 Challenges Every Company Must Address". In the paper I cover things such as rules and regulations impacting firewall management, assessing firewall policy risks, managing changes and being able to prove where things stand with your firewalls at any given point in time. Enjoy!...
