• 25 Jun 2011

    Exchange incident response, ASLR & common Windows security mistakes

    From Exchange to Windows Server to Windows at the desktop, here are some new pieces I've written about Microsoft security that you may be interested in: Six commonly overlooked Exchange security vulnerabilities; Solidify Your Exchange Server Incident Response Plan; 10 most common security mistakes people are still making; Why you need address space layout randomization in Windows Server 2008 R2. Enjoy! As always, be sure to check out www.principlelogic.com/resources.html for links to my 500+ articles, whitepapers, ...

  • 20 Jun 2011

    I’m a speaker at the Gartner Infosec show this week

    For those of you who happen to be attending the Gartner Security and Risk Management Summit in DC this week, I'd love it if you could check out my session or at least stop by to say hello. I'll be serving as a panelist on mobile security at the following session: Protect Your Identity, Mobile PC and Data. Session Code SPS13 - Potomac Ballroom 1, 9:30-10:30am. Cheers!...

  • 18 Jun 2011

    When’s political correctness going to impact infosec?

    Witnessing the Thought Police's handling of the Tracy Morgan debacle I can't help but wonder if political correctness is not the beginning of dictatorships, Communism, etc. where the population is not allowed to speak up or out against anything. Don't get me wrong. Being a libertarian, I'm pro-choice on everything...To each his own. As long as you're not affecting the life, liberty or property of someone else, then say what you ...

  • 17 Jun 2011

    Proud to be a speaker on the TechTarget roadshow

    I just completed two seminars this past week for TechTarget and CDW...One was in Minneapolis, which by the way, was probably the friendliest city I've EVER visited. Great bunch of folks...thanks for the great Midwestern turnout and hospitality! Our second stop was San Francisco...one of my most favorite cities to visit. I also had the opportunity to visit the nice folks at one of my publishers: Realtimepublishers.com (publisher of my latest ...

  • 17 Jun 2011

    Hacking tools & malware creation illegal – what’s next?

    With all the criminal behavior taking place on computers around the world, it appears that politicians are seeking some solutions. For instance, European Union Justice Ministers are proposing a ban on hacking tools. I suspect this law will work just as well as gun laws in the U.S. Simply criminalize the inanimate object (or code) and only the law-abiding citizens will comply. It creates the perfect storm for criminals to ...

  • 13 Jun 2011

    IT careers, compliance & the Internet “Freedom” Act

    Here are some recent pieces I wrote on IT and security careers and compliance that you may be interested in...content that likely applies to your very situation: Career networking dos and don’ts; But Compliance is Someone Else’s Job!; Cybersecurity and Internet Freedom Act – New name, same game. Enjoy! As always, be sure to check out www.principlelogic.com/resources.html for links to my 500+ articles, whitepapers, podcasts, webcasts, books and more....

  • 13 Jun 2011

    New WebsiteDefender from @Acunetix worth a look-see

    The folks at Acunetix have a neat new product/service called WebsiteDefender. I've yet to try it myself but it looks promising - fills a nice niche. WebsiteDefender is an agent-based tool for websites and WordPress-based blogs that: scans your site for security flaws; detects malware running on your site; alerts you to suspicious web site activity including file changes. The obvious benefit is to have a more secure online presence but as Acunetix is marketing ...

  • 10 Jun 2011

    The best information security quote ever

    Thinking about all the security incident headlines over the past 30 days alone, this says it all: "We can evade reality but we cannot evade the consequences of evading reality." -Ayn Rand...

  • 08 Jun 2011

    Weiner fallout: “I got hacked” is the new scapegoat

    I recently met up with some technology lawyer colleagues after work and we shared our thoughts on the Anthony Weiner "incident". We were talking about how early on in the saga no one but Weiner and the lucky recipients of his tweets really knew what the truth was. Predictably, as we're seeing and hearing more and more these days, Weiner came out and said "I was hacked. It happens to ...

  • 07 Jun 2011

    New tool for ferreting out users w/local admin rights

    Here's a free tool by @ViewFinity (the privilege management vendor I wrote about back in March) that helps you discover user accounts that have local admin rights: Viewfinity Local Admin Discovery...looks pretty neat if you have a need for running a quick test during an assessment or audit or just want to have something to use periodically to ensure user accounts are kept in check....
