While I'm on a roll posting some recent content I thought I'd list this one as well:
The new OWASP Top 10 for 2010 – Risk and Realities
In this piece I wrote for Acunetix's blog I talk about what the new OWASP Top 10 for 2010 is about, what it's not, and some considerations for leveraging it to help you minimize your business risks....

Outside of those executives who have their heads in the sand over security there's hardly anything that can keep you from getting your work done more than a Windows system junked up with a bunch of security testing tools. Well, if VMware or VirtualBox haven't been a good fit, perhaps Windows XP Mode in Windows 7 will be. It's a cheap and seamless way to run your security testing tools in ...

Like Novell NetWare, there's plenty of Domino still running out there so we certainly can't be lax on security for that platform. Here are a couple of pieces I wrote regarding Domino security that you may be interested in:
Domino security vulnerabilities to watch for
Getting started with hardening Domino...

Here's a new guide I just completed aimed at C-level information protection professionals:
The three CREDANT-sponsored pieces cover:
Primary Concerns of Regulatory Compliance and Data Classification
Finding, Classifying and Assessing Data in the Enterprise
Data Protection Reporting and Follow up
Simply click the image above or browse to Realtime Publisher's landing page for this CSO Executive Series and download from there. By the way, Realtime has a ton of free content practically anyone in our field ...

Wow, I can't believe it's the end of May....the year's nearly halfway through and I feel like I should still be back in February! After experiencing some family health crises and deaths combined with the busiest year I've ever had with my business (not complaining there!), I've let my blog suffer. I never like to not post for so long but I work to stay true to what I preach ...

Here's a new webcast I recorded where I talk about how to use visibility, control, and simplicity to your advantage to take the pain out of IT and security management:
Strategies for Securing your Enterprise for Success
Be sure to check out www.principlelogic.com/resources.html for all of my information security articles, podcasts, webcasts, videos, Twitter updates, and more....

There are a lot of unknowns in IT but one thing's for sure: if you're going to be successful in your job and move up the career ladder you have to sharpen your presentation skills. Here's a new piece I wrote that'll help you get started down the right path:
Eight tips every IT pro can use towards becoming a better presenter...

Here's a new piece I wrote where I talk about one of the root causes of SQL Server security issues:
The ultimate SQL Server security faux pas: Overlooked systems
...along with some additional oversights:
Common oversights with SQL Server audits
...and, to top things off, some things you can do to lock down your database environment (SQL Server or not):
Meet compliance requirements with improved database security practices...

Here's the latest on Windows 7 passwords along with how they can be cracked and some tools for doing so:
Cracking passwords in Windows 7
I wrote a whitepaper on BitLocker in Windows 7 not long ago and here are some additional thoughts/tips in case you're considering it:
Using BitLocker in Windows 7
For additional reading, Paul Thurrott's SuperSite for Windows is a great resource on Windows 7 and more....

It's a great way for setting up a virtual testing environment. Here's a recent piece I wrote about it:
Using Windows XP Mode for security testing in Windows 7
I'm really digging Windows 7....even if you just upgrade your own machine, Windows 7 has lots of things that will help you work more efficiently....