-
08 Feb 2012Video: My new whitepaper on SQL Server security threats & compliance
Check out my new whitepaper The SQL Security Security Threat - It's closer than you think sponsored by Idera:...
Continue Reading... -
19 Dec 2010
MS Exchange security + hacking and hardening SQL Server
Here are some new articles I've written for TechTarget that you may be interested in:Nine Exchange server risks you don’t want to overlookTen hacker tricks to exploit SQL Server systems (and oldie that I recently updated)Do you need to harden SQL Server 2008 R2?Enjoy!...
Continue Reading... -
26 Apr 2010
The ultimate SQL Server faux pas, other oversights & solutions
Here's a new piece I wrote where I talk about one of the root causes of SQL Server security issues:The ultimate SQL Server security faux pas: Overlooked systems...along with some additional oversights:Common oversights with SQL Server audits...and, to top things off, some things you can do to lock down your database environment (SQL Server or not)Meet compliance requirements with improved database security practices...
Continue Reading... -
17 Apr 2010
Essentials for cracking SQL Server passwords
Looking to check the resiliency of your Microsoft SQL Server systems? You may very well find that you don't have to look much further than weak/blank passwords to gain full access. I've come across a few vulnerable SQL Server systems via manual analysis. However, I couldn't live without a small set of SQL Server password cracking tools that you should check out as well.Here's a piece I wrote that can ...
Continue Reading... -
19 Mar 2010
New tips on 4 facets of encryption
Been wondering about the latest on mobile/backup/database/email encryption? Well, here are some recent tips I wrote to TechTarget that'll help you get the ball rolling:Securing SMB laptopsSecuring removable media with BitLocker To GoSecure your data backups with encryption key management best practicesEncryption – the great security control that nobody’s usingThe true value of transparent data encryptionIs full email encryption the solution to Exchange security?...
Continue Reading... -
12 Oct 2009
Cool tool for cracking/resetting SQL Server passwords
Elcomsoft has a neat - and relatively new - tool called Advanced SQL Password Recovery I thought you may be able to benefit from. It can be used to change any SQL Server databases protected by a password included SQL Server 2000, 2005 and 2008. All you need is access to the master.mdf file. SQL Server optional.I was going to show a screenshot but there's not that much to show...you ...
Continue Reading... -
10 Mar 2009
My latest security content
I have some new information security content that you may be interested in. First, here's an article I wrote for SearchSQLServer.com:The fine line between not encrypting your databases and breach notification...and two articles I wrote for SearchSoftwareQuality.com:Using the Firefox Web Developer extension to find security flawsCloud computing and application security: Issues and risksEnjoy!Also, be sure to check out www.principlelogic.com/resources.html for all of my information security articles, podcasts, webcasts, screencasts and ...
Continue Reading... -
28 Oct 2008
My latest security content
Here are two articles I wrote for SearchEnterpriseDesktop.com:Enhancing patch management with NAPUnauthenticated vs. authenticated security testing Here's an article I wrote for SearchSQLServer.com:New security features in SQL Server 2008 leave some work for you...and finally a podcast I just recorded for SearchEnterpriseDesktop.com:Security Policies for Windows SystemsBe sure to check out www.principlelogic.com/resources.html for all of my information security articles, podcast interviews, webcasts, screencasts and more....
Continue Reading... -
05 Sep 2008
My security content from this week
Here are two articles I wrote for Security Technology & Design magazine (a really good trade rag covering both IT and physical security) as well as another piece for Redmond Developer News I was interviewed for. Enjoy!Get Certified? The real deal with information security training and certifications10 Ways to Protect Your Web ServersDespite Help From Microsoft, SQL Injections Remain A Threat As always, be sure to check out www.principlelogic.com/resources.html for ...
Continue Reading... -
06 Jun 2008
My security content from this week
Here's an information security article of mine that was published this week:How insiders hack SQL databases with free tools and a little luckAs always, for my past information security content be sure to check out www.principlelogic.com/resources.html.Enjoy!...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
Kevin has written/co-written 12 books on information security including one of the best-sellers of all time:
