-
04 Jul 2011Cloud insecurities, when are they going to end?
This week's post is about cloud security - technically, lack thereof...Check out these new pieces I've written for Security Technology Executive and Acunetix:Dark Cloud Looming?What’s your take on cloud security?Enjoy!As always, be sure to check out www.principlelogic.com/resources.html for links to my 500+ articles, whitepapers, podcasts, webcasts, books and more....
Continue Reading... -
01 Jul 2011
Get over yourself
The late, great Richard Carlson once said:"Humility and inner peace go hand in hand. The less compelled you are to try to prove yourself to others, the easier it is to feel peaceful inside." I believe this theory explains why so many people in IT and information security are so stressed out. I'm also convinced that this concept is the basis for all the bad choices and negative behavior we've ...
Continue Reading... -
27 Jun 2011
The value of partial code scanning, now
Check out my new piece on the business value of partial code scanning where I outline why it's better to start your source code analysis now instead of waiting around until certain milestones of your development projects are reached or your software applications are completed altogether.It's kind of funny and ironic that we humans are all about instant gratification, yet with information risk issues such as source code analysis, we ...
Continue Reading... -
27 Jun 2011
Dropbox “bug” = why the cloud cannot be blindly trusted
I've been ranting about "the cloud" (what a tired term) for a couple of years now. As if we haven't seen enough examples lately of why we cannot put all our eggs in the cloud basket, here's one more with the "code bug" that impacted Dropbox's authentication mechanism over the weekend.Sure, Dropbox isn't an enterprise cloud app per se but I'll guarantee you it's impacting your enterprise this very moment. ...
Continue Reading... -
25 Jun 2011
Exchange incident response, ASLR & common Windows security mistakes
From Exchange to Windows Server to Windows at the desktop, here are some new pieces I've written about Microsoft security that you may be interested in:Six commonly overlooked Exchange security vulnerabilitiesSolidify Your Exchange Server Incident Response Plan10 most common security mistakes people are still makingWhy you need address space layout randomization in Windows Server 2008 R2Enjoy!As always, be sure to check out www.principlelogic.com/resources.html for links to my 500+ articles, whitepapers, ...
Continue Reading... -
20 Jun 2011
I’m a speaker at the Gartner Infosec show this week
For those of you who happen to be attending the Gartner Security and Risk Management Summit in DC this week, I'd love it if you could check out my session or at least stop by to say hello. I'll be serving as a panelist on mobile security at the following session:Protect Your Identity, Mobile PC and DataSession Code SPS13 - Potomac Ballroom 19:30-10:30amCheers!...
Continue Reading... -
18 Jun 2011
When’s political correctness going to impact infosec?
Witnessing the Thought Police's handling of the Tracy Morgan debacle I can't help but wonder if political correctness is not the beginning of dictatorships, Communism, etc. where the population is not allowed to speak up or out against anything.Don't get me wrong. Being a libertarian, I'm pro-choice on everything...To each his own. As long as you're not affecting the life, liberty or property of someone else, then say what you ...
Continue Reading... -
17 Jun 2011
Proud to be a speaker on the TechTarget roadshow
I just completed two seminars this past week for TechTarget and CDW...One was in Minneapolis, which by the way, was probably the friendliest city I've EVER visited. Great bunch of folks...thanks for the great Midwestern turnout and hospitality!Our second stop was San Francisco...one of my most favorite cities to visit. I also had the opportunity to visit the nice folks at one of my publishers: Realtimepublishers.com (publisher of my latest ...
Continue Reading... -
17 Jun 2011
Hacking tools & malware creation illegal – what’s next?
With all the criminal behavior taking place on computers around the world, it appears that politicians are seeking some solutions. For instance, European Union Justice Ministers are proposing a ban on hacking tools. I suspect this law will work just as well as gun laws in the U.S. Simply criminalize the inanimate object (or code) and only the law-abiding citizens will comply. It creates the perfect storm for criminals to ...
Continue Reading... -
13 Jun 2011
IT careers, compliance & the Internet “Freedom” Act
Here are some recent pieces I wrote on IT and security careers and compliance that you may be interested in...content that likely applies to your very situation:Career networking dos and don’ts But Compliance is Someone Else’s Job!Cybersecurity and Internet Freedom Act – New name, same gameEnjoy!As always, be sure to check out www.principlelogic.com/resources.html for links to my 500+ articles, whitepapers, podcasts, webcasts, books and more....
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
Kevin has written/co-written 12 books on information security including one of the best-sellers of all time:
