-
15 Sep 2010New content on data protection & compliance
Here's the full download of the CSO Executive series I wrote recently for Realtimepublishers.com on data protection and compliance in the enterprise:The series consists of the following: Article 1:Primary Concerns of Regulatory Compliance and Data Classification Article 2:Finding, Classifying and Assessing Data in the Enterprise Article 3:Data Protection Reporting and Follow UpEnjoy!...
Continue Reading... -
15 Sep 2010
Hacking Methodology chapter available for download
Chapter 4 of the latest edition of my book Hacking For Dummies is now available for download on TechTarget's SearchWindowsServer.com.If you like what you see, here's a direct link to the book on Amazon where you can save 34% off the cover price: Happy ethical hacking!...
Continue Reading... -
14 Sep 2010
Preventing email denial of service when scanning Web apps
Here's a new piece I've written that outlines one of those pesky Web scanning problems most of us have been affected by in some way or another:Ways to avoid email floods when running Web vulnerability scansHope this helps!...
Continue Reading... -
12 Sep 2010
You cannot secure what you don’t acknowledge
Here's a piece I wrote for SearchSMBStorage.com on storage security...specifically some must-have tools for finding storage-related security flaws in small business.Five must-have data storage security tools for smaller businessesIf you don't know what's where it'll be impossible to keep it secure....
Continue Reading... -
06 Sep 2010
Securing and hacking Windows go hand in hand
Computer hacking concepts extend to every nook and cranny of what we work with on a daily basis. Front and center are Windows-based servers. A large part of what I do in my work performing internal security vulnerability assessments - a.k.a. pen tests and audits - involves Windows servers. There's so much you can do to build up Windows server security and so much you can take to bring it ...
Continue Reading... -
30 Aug 2010
“New” Web security content to check out
Here are several new links to some recent (and, due to my crazy year, not so recent) articles I've written for various TechTarget sites on the subjects of Web application and server security:Web server weaknesses you don't want to overlook (the "rest of the story" of Web flaws)SQL injection tools for automated testing (a must-have for your toolkit)Beefing up SSL to ensure your applications are locked down (good for some ...
Continue Reading... -
12 Aug 2010
Apple’s iPad – a forensic investigation in the making?
Here's a new piece I wrote for SearchCompliance.com on regarding the realities and risks of iPads in the enterprise.Enterprise iPads: Compliance risk or productivity tool?Simply put, they're not all that different that other mobile computing devices but they do bring something unique to the table...Speaking of "i" devices in the enterprise, here's a great read I saw recently in Information Week that outlines a scenario that's at the root of ...
Continue Reading... -
09 Aug 2010
How you can get developers on board with security starting today
Some people - including a brilliant colleague of mine - think security is not the job of software developers. In the grand scheme of things I think such an approach is shortsighted and bad for business. It's kind of like an auto assembly line worker not being responsible for the quality of his work or citizens not being responsible for their own healthcare (oh wait!) or why the bottom 50% ...
Continue Reading... -
20 Jul 2010
Sometimes it’s the little things that’ll get you
If you're like me you've likely experienced in your daily life how something seemingly innocuous or too simple can create a big problem. Here's a new piece I wrote where I talk about this issue with regards to Web security:Web security oversights: Don’t overlook the “small” stuffWith information security there's usually no need to sweat the small stuff....just don't overlook it altogether!...
Continue Reading... -
17 Jun 2010
Ethical hacking and Windows
I recently recorded a podcast with my esteemed editor at SearchWindowsServer.com, Brendan Cournoyer, where we talked about ethical hacking, finding the things that matter in your environment, testing tools and my new book Hacking For Dummies, 3rd edition. Check it out:How ethical hacking fits into Windows security tests...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
Kevin has written/co-written 12 books on information security including one of the best-sellers of all time:
