• 16 Jun 2009

    Great site for getting your IT/security questions answered

    I may have already blogged about this but here it is again. It's TechTarget's IT Knowledge Exchange.Let's say you have a question about, oh, anything related to what we do in IT and security. You're going to get some good answers. I answer a fair amount of questions on the site and there are a lot of sharp people who contribute. And odds are you won't get flamed for asking ...

    Continue Reading...
  • 11 Jun 2009

    Do you hate to lose or love to win?

    Things have been crazy busy for me recently but I wanted to post a quickie one something I remember hearing from Don Yeager's recent speech about successful athletes and coaches. He said "they hate to lose more than they love to win and as soon as you accept being second you lose that edge that makes you a winner."Deep....

    Continue Reading...
  • 04 Jun 2009

    My new security vulnerability scanning service

    Well, I'm officially on the SaaS market. I've just launched my security vulnerability scanning service for both basic external security scans as well as the PCI Council's mandated Authorized Scanning Vendor (ASV) scans.Here's what I just posted on my Web site:Whether you need to minimize your investment in information security and compliance, you’re in need of an easy way to discover the low-hanging vulnerabilities, or you need help certifying your ...

    Continue Reading...
  • 03 Jun 2009

    Neat (and free) tool for finding Flash flaws

    HP's Application Security Center recently released SWFScan - a standalone tool that decompiles Flash applications and searches for security holes inside the code. Very cool.It's pretty surprising how many vulnerabilities Flash files can contain including XSS, embedded SQL statements, encryption keys, login credentials and more. Definitely worth downloading and taking it for a spin. Here's a screenshot of the interface and some findings:Also, check out Billy Hoffman's video walkthrough of ...

    Continue Reading...
  • 03 Jun 2009

    Secret list of nuclear sites released “by accident”

    Apparently our Imperial Federal Government can't even follow its own rules for information privacy and security. It was just announced that a secret list of nuclear sites was released "by accident".First of all, "accidents" are like "computer glitches" - there's almost always human error behind them. Do you see the irony here? How is heavily-regulated private industry to be expected to lock everything down when the very entity writing OUR ...

    Continue Reading...
  • 02 Jun 2009

    Great quote on how our minds work

    Here's a great quote from Bill Meyer that helps reiterate just how powerful our minds really are:"Every thought is a seed. If you plant crab apples, don't count on harvesting golden delicious."It's critical to never lose sight of the fact that we become what we think about the most....

    Continue Reading...
  • 26 May 2009

    Perfect example of an unknown app becoming a known target

    A while back I wrote about a great email server called Icewarp. It wasn't bloatware - it had just what SMBs needed in an email server...Oh, and it wasn't a target for security exploits - an obvious added benefit. But as with anything else, you grow bigger, your app becomes more complex, and you'll no doubt become a bigger target for attacks. As of late Icewarp has grown a lot ...

    Continue Reading...
  • 25 May 2009

    My latest security content

    Here's my latest information security content you may be interested in:How to forge an IT consulting careerHow to maintain IT shop efficiency when you're the last man standingDesktop security preparation for a new wave of Windows appsAs always, be sure to check out www.principlelogic.com/resources.html for all of my information security articles, podcasts, webcasts, screencasts and more....

    Continue Reading...
  • 23 May 2009

    MagicJack – Great concept, awful execution

    You may have heard that AT&T is dropping its CallVantage VoIP service. I'm not too upset since their service has been mediocre and my enhancement requests have been ignored. As of late I've been searching for an alternative solution. I'd heard some good stuff about the MagicJack and thought I'd give it a try. It was a "free" trial so what did I have to lose?Apparently several hours of my ...

    Continue Reading...
  • 21 May 2009

    My CNN TV appearance – yet another mobile drive debacle

    CNN's Mike Ahlers and Elaine Quijano put together an intriguiging segment about a lost hard drive from the National Archives for The Situation Room with Wolf Blitzer television show I appeared on last night. The hyperlink goes to the actual article...the video hasn't been posted yet and they're telling me it may not be. I hope you had the chance to see it live last night. If it gets posted ...

    Continue Reading...

Resources

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

I’ve written/co-written 12 books on information security including:

 

Tags

AI appsec basics books Career Networking careers censorship cervical instability CIO CISSP cities coronavirus covid-19 cybersecurity data breaches eagle syndrome hacking Hacking For Dummies health helmet communications incident response information risk keynote speaker leadership NCAA football networking outsourcing passwords policy enforcement Power Four rare diseases resilience Russian hacking security security leadership security speaker social engineering speaking engagements sql injection tethered spinal cord time management underimplemented vulnerability and penetration testing web security zero-based thinking

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.