  • 07 Jan 2009

    Do you use the “try” construct in your logic decisions?

    During a recent security assessment I was reviewing some application development standards my client had in place. One of the requirements was for developers to never use the "try" construct in their programming to make logic decisions. This struck a chord with me. I realized this is no different in real life. As Yoda once said: "Do or do not, there is no try." I absolutely love that saying. In fact, ...

  • 05 Jan 2009

    Have you reached your stopping point?

    Welcome back and Happy New Year!! We've all got job security on our minds as much as information security going into 2009. With that, today is a big day. Not because of all the emails, meetings, and gargantuan to-do lists we have to start working on. That's all little stuff. Today's a big day because it's the perfect day to scrap that nasty habit of creating those pie-in-the-sky New Year's resolutions that ...

  • 31 Dec 2008

    Very cool thing about the Sysinternals tools

    OK, I'm a bit late to the punch on this one but just in case you don't know, the awesome Sysinternals tools (a must-have for every security pro) are now available online for immediate access here. No more downloading, unzipping, etc. - just click and run... assuming you can get past your Web browser controls. ;)...

  • 30 Dec 2008

    Interesting solution to the new Red Flags requirements

    I can't vouch for the quality of this offering I recently came across, but it does look interesting. It's called CompliancePal and it helps businesses automate/manage the requirements of the new FTC Red Flags Rules that are intended to help fix the problem we have with identity theft here in the U.S. Heaven knows business managers need help taking the pain out of the compliance process wherever they can!...

  • 30 Dec 2008

    What if you had to pay for your software licenses?

    I've learned the hard way and have since touted the benefits of automating as much as you can when it comes to IT and security management. Software licensing is no different. Here's an interesting story about a time-consuming costly software license audit from Microsoft and AutoDesk that could happen to any given organization at any given time. I suspect the outcome would've been much less painful had this gentleman been ...

  • 18 Dec 2008

    My latest security content

    Here's a webcast on IM/VoIP/P2P I just recorded for SearchWinIT.com: The Challenges and Solutions of Realtime Communications. Here are two articles I wrote for the latest issue of Security Technology & Design magazine: "Mobile Security - Is anyone listening?" and "Wireless Security: Does it still matter?" Be sure to check out www.principlelogic.com/resources.html for all of my information security articles, podcast interviews, webcasts, screencasts and more....

  • 17 Dec 2008

    What, employees exploiting the new Windows flaw???

    I've been talking about (and exploiting in my internal security assessments) this very thing for a long time and it's finally reaching the "mainstream media". Never ever underestimate the intentions of rogue insiders to exploit a Windows flaw like this. It's not just this Windows exploit.... It's a whole slew of them. And Metasploit's cheap and very easy to use....

  • 15 Dec 2008

    Think of this guy as your corporate lawyer

    Here's an enlightening interview with a tech-savvy lawyer, Chris Wolf, regarding data breach laws. The question posed to Chris is: what would you advise companies when it comes to data breach? In a nutshell, his response is: Get ready in advance. The $64,000 question: Would you tell your corporate lawyer no to this?...

  • 15 Dec 2008

    A new channel for data leakage/breaches?

    I just had a flashforward moment a minute ago. I was dragging and dropping a file on my Windows desktop and it "landed" on the Skype window I had open. It didn't do anything because I caught it in time but I thought: Oh no! What if I accidentally transmitted a file to someone in my phonebook? Perhaps someone that didn't need to see that file. But then I thought - ...

  • 12 Dec 2008

    Goodbye to a number of long-time friends/colleagues

    One of my best and most long-term customers, TechTarget, announced layoffs yesterday that affected a number of really good business relationships I've had over the years. I interacted with a dozen or so TechTarget employees on a weekly - sometimes daily - basis and I'm very sad to see them go. I wish the very best to the people who were laid off and also the best to TechTarget. There are ...
