-
16 Nov 2010Becoming a more refined Web security expert
Here are some recent pieces I've written on Web application security and testing that you may be interested in. From getting started in your career to cloud security to doing Web application security testing the right way...check 'em out:The secrets to getting started in your software testing careerFour skills that will make you a better web security professionalBuilding solid security requirements Security oversights in the cloud: Asking the tough questionsWhy ...
Continue Reading... -
11 Nov 2010
Internet Password Breaker – yet another reason to encrypt your laptops
Elcomsoft just released their new version of Elcomsoft Internet Password Breaker which now supports Chrome, Opera, Safari and Firefox. In essence the program can recover passwords, sensitive form data and so on that users have conveniently stored in their browsers for the past, oh, several years. Furthermore, the tool can now instantly recover Microsoft Outlook, Outlook Express, Windows Mail and Windows Live Mail account info, user IDs, passwords and cached ...
Continue Reading... -
10 Nov 2010
The fundamental flaw of information security in SMBs
Here's a good piece that Entrepreneur Magazine put together for SMBs to ensure they have a secure information systems environment. I don't disagree with any of the recommendations. What I do find interesting is that there's no mention of "determine where you're weak".Be it in the beginning before you put all of the recommended controls in place (and potentially saving yourself a lot of time/money if it's determined you don't ...
Continue Reading... -
09 Nov 2010
Some things you need to know about Windows Firewall & Microsoft Security Essentials
Here are a couple more pieces I wrote for SearchEnterpriseDesktop.com where I ponder the utility of Windows Firewall as well as a few things you may not have thought about regarding Microsoft Security Essentials:Weighing Windows Firewall for enterprise desktop protectionMicrosoft Security Essentials may protect non-enterprise users in your businessMicrosoft Security Essentials – when it may not be a good fit...
Continue Reading... -
09 Nov 2010
My (belated) thoughts on Intel’s purchase of McAfee
I've been so busy working that I've failed to post some timely pieces I wrote over the summer...here's one of them:Intel's McAfee buy marks a turning point for securityI truly believe we cannot even fathom how this acquisition will impact us long term....
Continue Reading... -
09 Nov 2010
Windows 7 security tools & password weaknesses
Here are some recent SearchEnterpriseDesktop.com pieces I wrote regarding Windows 7 security...enjoy!Using Windows 7's built-in features to keep your desktops secureWindows 7 doesn’t end the need to monitor passwords...
Continue Reading... -
04 Nov 2010
Interesting findings from Venafi on encryption management
Information security vendor Venafi released a survey at the October Gartner show that has some interesting findings related to encryption management:Organizations anticipate a 27% year-over-year certificate and key inventory growth rate85% of organizations manage encryption certificates and private keys manually via spreadsheet and reminder notes 78% of organizations have experienced system downtime due to encryption failures in the past 12 monthsGiven what I see in my information security assessments - ...
Continue Reading... -
04 Nov 2010
Using GFI LANguard to find open network shares
Have you see what your users are sharing up on your network? What about your server shares - are they divulging too much PII and intellectual property to any Joe Blow on the network?Outside of mobile security (smartphone weaknesses, lack of laptop encryption, etc.) the problem of unstructured information scattered about the network is a very predictable high priority finding in any given security assessment.The reality is you cannot secure ...
Continue Reading... -
03 Nov 2010
Let the smoke (and mirrors) clear
Finally, some hope and change we can believe in!But not so fast...a quick note to all the Republicans out there: you didn't get voted in because people are embracing you...people are just tired of seeing the Democrats' lack of principles and leadership- not to mention their taking money (by force) from the people who earn it and giving it to those who don't deserve it - undermining and effectively destroying ...
Continue Reading... -
02 Nov 2010
Today is the day
Today is the day we get a chance to vote for more government or less government.Today is the day those of us in America can begin to stop the bleeding we've been experiencing since January 20, 2009. Technically, for decades.Today is the day we're empowered to remind the career politicians around our country that we the people are in charge. Not them.Today is the day we stop giving up little ...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
I’ve written/co-written 12 books on information security including:
