
Who is Principle Logic
My name is Kevin Beaver and I am the founder and principal information security consultant of Principle Logic, LLC. I am a CISSP-certified independent information security expert that you can count on to help advise you on your information security needs along with how you can protect your organization's network, computers, and information assets from malicious use from rogue insiders and criminal hackers. See my bio page for more information on my background and my resources page for more information about the books I've written and more.

What I do
I consult and speak on information security and can help you with the following services:

  • Web site/application security assessments and penetration tests (including PCI Requirement 6.6 tests)
  • Network vulnerability assessments and penetration tests
  • Expert witness services
  • Keynote speaking engagements
  • Information security pre-audits and gap analyses

Rather than perform a checklist audit or run simple security scans and hand over the reports to you, I provide a custom analysis of your information security weaknesses. Think of me as a "radiologist" for your software applications or a "home inspector" for your network -- an expert who has the right knowledge, tools, training, and experience to help you find, fix, and minimize computer and IT-related weaknesses in your organization and systems. That said, I won't deliver a thick, fluffed-up report that looks pretty on the outside but doesn't contain much substance. I'll tell you just what you need to know - in a way that's easy for you to understand. Nothing more and nothing less. In the end, I'll provide solid advice to help you help your organization become and stay more secure.

If you want the services of an expert witness, a well-known speaker for a keynote address, someone to assess your organization's information security from an outsider's perspective, have a new software application that needs to be tested before it's deployed, or wish to compare how your organization's security posture stands up to international security standards and solid business practices, I can assist you. See my services page for more details on how I can help onsite or over the Internet.

Why utilize my services
I'm a technical guy at heart that understands the business side of security. I'm independent, well-known in the industry, and a good communicator focusing on what really matters with security. My key area of work is on proactive security management. I don't claim to be everything to everyone - no forensics and no security product implementation. This allows me to keep up with the latest vulnerabilities, hacker/rogue insider techniques, and testing tools to ensure you get the most current and comprehensive services possible. It also eliminates any conflicts of interest. I've authored/co-authored seven books on information security including the following:

  • Hacking For Dummies
  • Hacking Wireless Networks For Dummies
  • Securing the Mobile Enterprise For Dummies
  • Laptop Encryption For Dummies
  • The Definitive Guide to Email Management and Security
  • The Practical Guide to HIPAA Privacy and Security Compliance
  • Healthcare Information Systems, 2nd edition

My formal education in engineering and business management combined with nearly two decades of hands-on technical experience allows me to provide practical recommendations that make good long-term business sense. No theoretical quadrant charts and no "the sky is falling" type predictions to lock down everything beyond reason. Finally, I'm also a Certified Information Systems Security Professional - CISSP - the industry standard and highest-level certification in my field.

When working with me, you're going to get:

  • Fair pricing relative to the market and the expertise I bring to the table - you'll go into the engagement knowing my fees and your investment - not get caught off-guard at the end
  • A highly-technical engineer that equally understands the business side of information security
  • Small business flexibility and response time – all with minimal overhead. This way you'll pay for knowledge, tools, and experience – not overhead for sales, marketing, operations, brand name, etc.
  • Personal touch service that the big guys can't offer – you'll have the same consultant working with you on an ongoing basis rather than a different person for each project – and no separate sales people or project managers to deal with either
  • Contextual insight into the security vulnerabilities that really matter - not just someone who works off a security checklist or claims everything's at risk because of unimportant issues discovered
  • Leading security testing tools including freeware, open source, and top commercial products from vendors such as Qualys, SPI Dynamics, WildPackets, Application Security, and more.
  • Professional security assessment advice and reports containing unbiased insight and real-world recommendations that all key players in your organization can benefit from
  • A well-known leader in the industry, professional work, and unmatched information security credentials that you can share with your customers, business partners, shareholders, etc. proving that you've got the right person for the job

When you hire me, you’ll start and end up with someone that knows your business, your network, and your needs and offers practical advice on dealing with the information security risks at hand. If we determine that your project requires greater resources than one person can handle, I'll pull in other industry leaders I've worked with and have grown to trust to ensure your work is completed in a prompt and professional manner. Either way, you'll deal with one email address, one phone number, and one person – period.

The bottom line is that I have performed the hands-on work, written the books, taught the classes, and formed a solid reputation for my information security expertise, leadership in the industry, and ongoing customer loyalty. You’ll be truly pleased.
