I just saw the following quote from publisher Malcolm Forbes that underscores the very essence of the problems we see in information security, business and life in general: "Too many people overvalue what they are not and undervalue what they are." Indeed, so many people want to control or break down (they're one and the same) others because their own lives are out of control. They simply don't believe in themselves. Like ...
With all the recent hype and hoopla over Windows 8 and Server 2012, I thought I'd throw my two cents into the Microsoft analysis arena... here are some recent pieces I've written that you may be interested in:
Thoughts and considerations around the forthcoming System Center 2012 Configuration Manager
Why the simple Windows 8 Metro interface may not benefit users
Microsoft Security Compliance Manager enhances desktop security
A first look at Microsoft Office 15 ...
I feel like I've said it a million times: you cannot rely on just one Web vulnerability scanner. There are simply too many vendors doing too many checks across too many websites and applications. The complexity of what needs to be tested is enormous, not to mention the quality of the Web vulnerability scanners on the market (tip: you get what you pay for). Well, NTObjectives' NTOSpider is a perfect ...
Join me in 24 hours for my webinar with EC-Council (the folks behind the CEH, Certified Ethical Hacker, certification) titled Four Traits of Successful Information Security Leaders. I'll share with you my experiences and mistakes as an information security leader as well as some observations I've made of those at the top of their game over the past 11 years I've spent working for myself. There will be a Q&A at the ...
If you're into big-picture IT and information security stuff like, say, your career and focusing on what matters, here are some new bits I've written for TechTarget and Security Technology Executive magazine that you may be interested in:
Five habits of highly-successful IT pros
Social networking strategies to further your IT career
Five ways to advance your Windows career
Understanding management gets your IT department what it needs
RSA's look at the big picture
Enjoy! ...
Those of us who live and breathe information security on a daily basis understand that vulnerability scans are only part of the information security assessment equation. We can't live without them but, as I've outlined here, we by all means cannot rely on them completely. I was just speaking with a colleague about this and came up with an analogy for our overdependence on external vulnerability scans in the name of ...
“Follow the path of the unsafe, independent thinker. Expose your ideas to the danger of controversy. Speak your mind and fear less the label of ‘crackpot’ than the stigma of conformity.” – Thomas J. Watson, Jr.
I've found that it's a great way to live your life too. :)...
Saw this, unsure who wrote it, but I really like it:
It is the veteran, not the preacher, who has given you freedom of religion.
It is the veteran, not the reporter, who has given you freedom of the press.
It is the veteran, not the poet, who has given you freedom of speech.
It is the veteran, not the protester, who has given you freedom to assemble.
It is the veteran, not the lawyer, ...
The inability to think long-term, to see the bigger-picture consequences of our choices, is no doubt at the root of most information security problems. Here's an example of what I'm talking about... what's wrong with this car? No, this isn't a race car with Hoosier racing slicks... it's a street car owned by someone working or shopping at a Wal-Mart who has chosen to drive with improper equipment. Like many people who ...