• 13 Jun 2011

    New WebsiteDefender from @Acunetix worth a look-see

    The folks at Acunetix have a neat new product/service called WebsiteDefender. I've yet to try it myself but it looks promising - fills a nice niche.

    WebsiteDefender is an agent-based tool for websites and WordPress-based blogs that:

      - Scans your site for security flaws
      - Detects malware running on your site
      - Alerts you to suspicious web site activity including file changes

    The obvious benefit is to have a more secure online presence but as Acunetix is marketing ...

  • 07 Jun 2011

    New tool for ferreting out users w/local admin rights

    Here's a free tool by @ViewFinity (the privilege management vendor I wrote about back in March) that helps you discover user accounts that have local admin rights:

    Viewfinity Local Admin Discovery

    ...looks pretty neat if you have a need for running a quick test during an assessment or audit or just want to have something to use periodically to ensure user accounts are kept in check....

  • 25 May 2011

    If you don’t have NetScanTools Pro v11, you’re missing out

    It's been a long time coming but the latest incarnation of one of my favorite network/security tools - NetScanTools Pro v11 - is out. Kirk Thomas at Northwest Performance Software has done a bang-up job on the user interface in the new version...something that's gotten better - albeit slowly - over the years. Not that I could do any better - I can't imagine having to know network protocols at ...

  • 28 Mar 2011

    A quick review of WebInspect 9 shows HP’s still got it

    It's been a long time coming but it's finally here: HP's WebInspect version 9. I've been using WebInspect for nearly 10 years now and I believe this new version of WebInspect is one of the most significant upgrades they've put out. They've essentially taken what was already one of the best Web vulnerability scanners and have made it better, especially when it comes to workflow and streamlined usability.

    A few things ...

  • 26 Mar 2011

    Viewfinity’s latest privilege management offering

    I had the opportunity to meet up with my colleague Matt Stubbs with SnappConner on a recent visit to Salt Lake City. One of the things we discussed was Viewfinity's new privilege management software release.

    Viewfinity provides a public or private cloud solution to locking down Windows desktops including:

      - getting your arms around administrator-level privileges (perhaps once and for all?)
      - allowing users to install permitted applications, printers, etc.
      - blocking/whitelisting of applications

    Check out this screencast ...

  • 23 Dec 2010

    Quick step-through of Metasploit Express

    I've been raving about the penetration testing tool Metasploit for a while. With the release of Metasploit Express earlier this year I'm even more pleased with all the efforts HD Moore and his team have put forth. Metasploit Express is a commercial product you'll have to pay for but to me it's well worth the investment. It's easier to use, it has nice reporting and more. All the things we ...

  • 10 Dec 2010

    Canon’s digital camera image originality not so original

    How's this pic for an attention grabber?!

    Well, the folks at Elcomsoft have done it again. This time they've discovered a vulnerability in Canon's Original Data Security system demonstrating that digital image verification data can be forged. Apparently Canon has yet to respond.

    Why is this a big deal? Well, it's impactful for the media, for forensics investigators, and for those of us in infosec as digital images are used in many ...

  • 11 Nov 2010

    Internet Password Breaker – yet another reason to encrypt your laptops

    Elcomsoft just released their new version of Elcomsoft Internet Password Breaker which now supports Chrome, Opera, Safari and Firefox. In essence the program can recover passwords, sensitive form data and so on that users have conveniently stored in their browsers for the past, oh, several years. Furthermore, the tool can now instantly recover Microsoft Outlook, Outlook Express, Windows Mail and Windows Live Mail account info, user IDs, passwords and cached ...

  • 04 Nov 2010

    Using GFI LANguard to find open network shares

    Have you seen what your users are sharing up on your network? What about your server shares - are they divulging too much PII and intellectual property to any Joe Blow on the network?

    Outside of mobile security (smartphone weaknesses, lack of laptop encryption, etc.) the problem of unstructured information scattered about the network is a very predictable high priority finding in any given security assessment.

    The reality is you cannot secure ...

  • 18 Oct 2010

    AppDetectivePro v7 worth checking out

    Have you checked out Application Security's (somewhat) new AppDetectivePro version 7? Have you even heard of AppDetectivePro? If not, it needs to be on your radar. It's a powerful database vulnerability scanner that can perform both unauthenticated penetration tests as well as authenticated audits of SQL Server, Oracle, MySQL, DB2, Notes/Domino and Sybase (wow) systems. A screenshot of a penetration test of an Oracle 11g-based system is shown below:

    AppDetective is ...
