• 20 Aug 2008

    Can’t wait to try this tool out…

    ...it's been out for a few weeks and wow, it looks really neat. Great way to demonstrate the vulnerabilities associated with Wi-Fi in the enterprise. I've actually been wondering when someone would come up with a tool like this. http://metasploit.com/dev/trac/wiki/Karmetasploit Karmetasploit acts as a wireless access point serving up legitimate-looking services such as SMTP, DNS, etc. It can be used to capture email passwords, retrieve info from Web form fields, exploit Web ...

  • 20 Aug 2008

    Great quote related to moving ahead in your security career

    "Everyone starts from scratch, but not everyone keeps on scratching!" - Anonymous...

  • 19 Aug 2008

    Neat site for getting the scoop on people’s backgrounds

    Want to see what the real scoop is on the person you're hiring but don't want to spend any $$$ on running a background check? I know, it's only like $5 but I'm just being realistic because I know some people would not spend that kind of money willy-nilly. Or, are you not getting a good feeling about your boss and are wondering about his or her past? Well, here's ...

  • 18 Aug 2008

    My security content from last week

    I'm running a day behind! Here's a recent podcast I recorded with my bud David Nielson at SearchWindowsSecurity.com regarding the DNS flaw: DNS flaw threatens Windows shops. I'm still waiting on about 5 other articles to be published. You will know as soon as they are. For all my information security resources, be sure to check out www.principlelogic.com/resources.html....

  • 18 Aug 2008

    Telecommuting OK for execs but not for staff?

    I've been harping on this subject for a while. Why don't more managers let their employees telecommute? After all, it helps morale, can boost productivity, and even impresses those who buy in to the religion of "global warming". Then I came across this article citing evidence that apparently more in management are telecommuting themselves... The email I received this in had the headline "Joining the telecommute revolution". Everybody, quick! Jump on the ...

  • 15 Aug 2008

    Access to one card at a time isn’t a bad thing?

    I'm writing an article series that includes some information about PCI DSS. In my research, I noticed something interesting - almost comical - about Requirement 12.7: "Screen potential employees to minimize the risk of attacks from internal sources. For those employees such as store cashiers who only have access to one card number at a time when facilitating a transaction, this requirement is a recommendation only." So, "access to one card number ...

  • 14 Aug 2008

    But if knowledge relies on information, then…

    I was thinking some more about the knowledge=power equation. To have knowledge we have to have information, right? But information is also a weakness in the context of the work we do, agreed? So, does weakness=power? I don't know for sure... Having trouble wrapping my head around this. I never really did all that well in Algebra anyway. ;) ...now back to work....

  • 14 Aug 2008

    Knowledge is power but…

    I came across this quote that applies to what we do in information security: "Knowledge is power, but enthusiasm pulls the switch" - Ivern Ball. It applies to our careers and how successful we are.... Knowledge is really the easy part. It also applies to how well we manage risks... It's all a matter of choice....

  • 13 Aug 2008

    Very clever way of recovering passwords from MD5 hashes

    In his infinite wisdom, Vladimir Katalov with Elcomsoft has developed a tool called MD5 Password Cracker that uses the computing power of NVIDIA graphics cards to recover passwords from MD5 hashes. Very cool. And it's free. According to Elcomsoft, for comparison, this type of cracking on a 2.2 GHz Intel Core 2 Duo E4500 processor only yields about 30 million passwords per second and around 70 million per second on Intel Core ...

  • 11 Aug 2008

    Good recap of Black Hat Briefings

    My colleague Mike Rothman over at SecurityIncite (great blog with lots of good stuff) has a couple of posts recapping the Black Hat show from last week... I was going to go until I realized it conflicted with some family stuff... anyway, good reads: "Black Hat 2008 Day 1: We're Screwed!" and "Black Hat 2008 Day 2: Web 2.0 mayhem"...
