They haven't had one in a while....so it's about time again. New Mac Trojan Disables Security, Steals Passwords...

I was out the latter part of last week so I missed my 'deadline'. Here's an article hot off the press that you may be interested in: The realities of using WAFs for PCI DSS 6.6 compliance. Enjoy! As always, check out www.principlelogic.com/resources.html for all of my past articles, webcasts, podcasts, and more.

In regards to my post yesterday about your calling out for better computer security at the Federal level, you may want to consider hardening your systems with the OMB Federal Desktop Core Configuration Checklists found at the following link: http://nvd.nist.gov/ncp.cfm?fdcc_chklst We taxpayers have funded this and other great security documents for people just like you....

Here's an interesting quote I just came across that fits nicely into the mold of security policy management and enforcement: "The test for determining the scope of this provision must not be subject to manipulation by those whose power it is designed to restrain." - from the Supreme Court's decision restoring the writ of habeas corpus...

So, U.S. Representative Frank Wolf's computers have gotten hacked into... Now he's wasting everyone's time on the House floor by calling for greater protection of congressional computer and information systems. What a dummy! Mr. Wolf: computers are getting hacked left and right day in and day out in business and in government. So now that you've been victimized we all of a sudden need tighter controls!? How about obeying your own law ...

If you write Windows apps (standard 32-bit or .NET) and want to protect them against reverse engineering and tampering, check out V.i. Labs Code Armor. I haven't used it so I can't comment on how well it works...it just seems like a neat product. While most organizations have many, many security issues at a much higher level they need to focus on first, I could see such a product as a ...

What? You mean that when an organization pays thousands and thousands of dollars to become a PCI assessor it doesn't guarantee the quality of their work is going to be top notch!!?? An assessor quality assurance program is in the works....? Is the marketing machine failing these vendors? I'm shocked. ;-)...

Here's an information security article of mine that was published this week: The realities of PCI DSS 6.6 application code reviews. I'll have a follow-up to this one on the realities of Web application firewalls coming soon. As always, for my past information security content be sure to check out www.principlelogic.com/resources.html. Enjoy!...

I was ordering some Aqua Globes today (I don't normally fall for these as-seen-on-TV products but this one seems to fit a need I have) and saw on their site a bold statement of "100% SECURE SITE". You can see it here. Apparently the same folks that have infiltrated other e-commerce sites claiming "HACKER PROOF". Wow - what a BOLD statement! I wonder how often they test their site/application using automated scanners ...

I just learned how a lesser-known Web vulnerability scanner can prove to be as valuable as the big dog high-end scanners. Acunetix Web Vulnerability Scanner - an excellent Web scanning tool, especially for the price - found a weak Web login/password combo. Obviously something that can lead to all sorts of security issues. It would take a lot more time and effort to uncover this in a real-world Web security ...