  • 20 Sep 2010

    With this tool there’s no excuse to not analyze your source code

    A few months back I wrote about Checkmarx's CxDeveloper source code analysis product. Well, I've had some more recent source code analysis experience with the tool and thought I'd write a follow-up piece. I'll start by saying that I can't stress how cost-effective this tool is for performing source code analysis...esp. when similar products cost MUCH more. Granted, I haven't performed my own run-off between CxDeveloper and the likes of ...

  • 20 Sep 2010

    Be careful what you ask for

    Richard Carlson once said "Be careful what you ask for....sometimes your life is pretty darn good exactly the way it is." He went on to say "Think carefully through what it is you think you want, because you just might end up getting it, which is often more than you bargained for - more frustration, more grief, more travel, more responsibility, more conflict, more demands on your time, and so ...

  • 20 Sep 2010

    Silent tyranny in the name of “cybersecurity”

    I just finished a new article on the Cybersecurity Act of 2009 (a.k.a. Rockefeller-Snowe Cybersecurity Act or S. 773) and the equally scary Protecting Cyberspace as a National Asset Act of 2010 (a.k.a. Lieberman-Carper-Collins or S. 3480). Goodness gracious folks. Have you read these pieces of legislation yet? Are you tracking what's going on? There's some serious government control headed our way if we sit back and let politicians force ...

  • 17 Sep 2010

    Unique new book on least privilege security in Windows

    I've been reading through Russell Smith's new book Least Privilege Security for Windows 7, Vista and XP and I've realized it's about time for a book on this subject. I've covered some of the material in the past including in my recent SearchWinIT.com tip Should Windows users have full administrative rights? and I know there's content on this topic scattered across various books, articles, etc. but I've never seen a ...

  • 17 Sep 2010

    Are your high-tech devices enslaving you?

    I saw a recent Don't Sweat the Small Stuff calendar quote where Richard Carlson said: "It's important to see when your high-tech communication devices actually limit your freedom, enslaving you instead of providing new opportunities for growth." Wow, how true that is! Ever tried to not look at your emails or answer phone calls when you're out and about with your family or taking some time to yourself? Especially when you're ...

  • 16 Sep 2010

    Article 2, Section 1: Employees shall not be allowed to defend themselves

    Here's an interesting scenario of company policy versus state law. Regardless of the interpretation and how it turns out, way to go Iron Mountain for making it known your employees are unarmed! In the same spirit of those "zero tolerance" school zones that tell the bad guys that there's no one there to defend themselves, this kind of stuff is absolutely mindless....

  • 15 Sep 2010

    New content on data protection & compliance

    Here's the full download of the CSO Executive series I wrote recently for Realtimepublishers.com on data protection and compliance in the enterprise. The series consists of the following: Article 1: Primary Concerns of Regulatory Compliance and Data Classification; Article 2: Finding, Classifying and Assessing Data in the Enterprise; Article 3: Data Protection Reporting and Follow Up. Enjoy!...

  • 15 Sep 2010

    Hacking Methodology chapter available for download

    Chapter 4 of the latest edition of my book Hacking For Dummies is now available for download on TechTarget's SearchWindowsServer.com. If you like what you see, here's a direct link to the book on Amazon where you can save 34% off the cover price: Happy ethical hacking!...

  • 14 Sep 2010

    Preventing email denial of service when scanning Web apps

    Here's a new piece I've written that outlines one of those pesky Web scanning problems most of us have been affected by in some way or another: Ways to avoid email floods when running Web vulnerability scans. Hope this helps!...

  • 12 Sep 2010

    You cannot secure what you don’t acknowledge

    Here's a piece I wrote for SearchSMBStorage.com on storage security...specifically some must-have tools for finding storage-related security flaws in small business: Five must-have data storage security tools for smaller businesses. If you don't know what's where, it'll be impossible to keep it secure....
