-
28 Jun 2010Secure your home Wi-Fi or forever hold your peace
Google has provided us with yet another reason to keep our home wireless networks secure. Speaking of that, in case you're wondering where things stand, here's a great tool for finding out just how vulnerable your wireless network utilizing WEP and WPA-PSK can be.Our society's continued privacy invasion never ceases to amaze me. And we, by and large (especially with Google), just blow it off and move on....
Continue Reading... -
28 Jun 2010
Mobile security problems & solutions: our podcast from Gartner
Eric Green has put together a very-well produced podcast from last week's Gartner conference where Larry Ponemon, Stan Gatewood, and I discussed mobile security risks and metrics on the show floor.Also, check out Eric's other podcasts on his site...very sharp guy....
Continue Reading... -
24 Jun 2010
Responsibility & action come from individuals not government
Being in DC and Chicago this week watching local news and observing all the bumper sticker slogans reminds me of the saddening enormity of how all this change we can believe in is impacting our country and the future of our families. The thing that stands out the most is the lack of personal responsibility and the dependence on government to handle all our woes - both in our personal ...
Continue Reading... -
23 Jun 2010
Dario Franchitti and I
As many of you know I'm a motorsports nut -both as a driver and a fan. This provided the influence for my Security On Wheels logo. Well, after my speaking session at Gartner yesterday I headed out of DC early this morning. Unfortunately, we had a long flight delay heading over to Chicago where I'm taking a class but the wait and the hassle were worthwhile. I got to meet ...
Continue Reading... -
20 Jun 2010
Like Metasploit? You’ve gotta check out Metasploit Express.
Here's a piece I just wrote for SearchEnterpriseDesktop.com where I talk about Rapid7's new Metasploit Express. It has its kinks and was a bit finicky to use but Metasploit Express will no doubt provide a breath of fresh air for pen testers - and now, less technical auditors - all around....
Continue Reading... -
17 Jun 2010
Ethical hacking and Windows
I recently recorded a podcast with my esteemed editor at SearchWindowsServer.com, Brendan Cournoyer, where we talked about ethical hacking, finding the things that matter in your environment, testing tools and my new book Hacking For Dummies, 3rd edition. Check it out:How ethical hacking fits into Windows security tests...
Continue Reading... -
17 Jun 2010
Looking under the hood of the new OWASP Top 10 for 2010
While I'm on a roll posting some recent content I thought I'd list this one as well:The new OWASP Top 10 for 2010 – Risk and RealitiesIn this piece I wrote for Acunetix's blog I talk about what the new OWASP Top 10 for 2010 is about, what it's not, and some considerations for leveraging it to help you minimize your business risks....
Continue Reading... -
17 Jun 2010
Using Windows 7’s virtual machine for security testing
Outside of those executives who have their heads in the sand over security there's hardly anything that can keep you from getting your work done more than a Windows system junked up with a bunch of security testing tools.Well, if VMware or VirtualBox haven't been a good fit, perhaps Windows XP Mode in Windows 7 will be. It's a cheap and seamless way to run your security testing tools in ...
Continue Reading... -
17 Jun 2010
Got Domino? Don’t forget about security.
Like Novell NetWare, there's plenty of Domino still running out there so we certainly can't be lax on security for that platform. Here are a couple of pieces I wrote regarding Domino security that you may be interested in:Domino security vulnerabilities to watch forGetting started with hardening Domino...
Continue Reading... -
16 Jun 2010
Data Protection and Compliance in Complex Environments
Here's a new guide I just completed aimed at C-level information protection professionals:The three CREDANT-sponsored pieces cover:Primary Concerns of Regulatory Compliance and Data ClassificationFinding, Classifying and Assessing Data in the EnterpriseData Protection Reporting and Follow upSimply click the image above or browse to Realtime Publisher's landing page for this CSO Executive Series and download from there.By the way, Realtime has a ton of free content practically anyone in our field ...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
Kevin has written/co-written 12 books on information security including one of the best-sellers of all time:
