-
05 Mar 2009Acunetix – a very good Web scanner that keeps getting better
OK, it didn't *just* get better...it's been out for several months - but I've just now gotten a chance to really sit down with it and take it for a spin and write a post about it. I'm talking about Acunetix Web Vulnerability Scanner version 6.NOTE_BEFORE_I_BEGIN: I don't do formal "reviews" but you know how excited I get over cool tools. I found something in this one that I thought ...
Continue Reading... -
26 Feb 2009
My latest security content
Here's my latest stuff....First off, here's an article I wrote for SearchEnterpriseDesktop.com:Using Sysinternals tools in security management scenarios (a follow-up to my previous Sysinternals article)...and a podcast I recorded for SearchCIO.comMobile data protection options for enterprise CIOs (transcript included!)Enjoy!Also, be sure to check out www.principlelogic.com/resources.html for all of my information security articles, podcasts, webcasts, screencasts and more....
Continue Reading... -
25 Feb 2009
Great backup solution for laptops
I haven't mentioned one of my favorite products lately but it deserves repeating. It's Acronis TrueImage Echo Workstation and it's a great way to backup those laptops that no one seems to be backing up. Seriously, from what I can tell in my work, if users aren't backing up their own laptops then no one is doing it. What a shame...what a gaping business continuity hole. [FYI: Acronis makes server ...
Continue Reading... -
23 Feb 2009
Want to know what a breach is going to cost?
When writing a HIPAA-related whitepaper last week for the fine folks at Realtimepublishers.com (TONS of free papers and books on IT & security) I came across two good sites for calculating the cost of a data breach...VERY enlightening numbers from tools that have finally come of age. Keep these tools in mind when you're selling security and compliance to management (I know, it's sad you even have to): Becky Herold's ...
Continue Reading... -
19 Feb 2009
25 Most Dangerous Programming Errors???
Check them out here. I like the concept of the Top 25...it certainly helps spread the word...but who are they kidding when they talk about the Top 25's "major" impacts?!The site claims:*Software buyers will be able to buy much safer software.*Programmers will have tools that consistently measure the security of the software they are writing.*Colleges will be able to teach secure coding more confidently.*Employers will be able to ensure they ...
Continue Reading... -
19 Feb 2009
My latest security content
Here's my latest stuff. First off, here are two articles I wrote for SearchEnterpriseDesktop.com:Sysinternals tools: A must-have for every Windows security toolbox...an article I wrote for SearchSoftwareQuality.com:Web application security gaps not fixed in 2008...and an article I wrote for SearchEnterpriseLinux.com:Five common Linux security vulnerabilities you may be overlookingIn the meantime, be sure to check out www.principlelogic.com/resources.html for all of my information security articles, podcasts, webcasts, screencasts and more....
Continue Reading... -
18 Feb 2009
Great quote regarding laws and policies
Here's something I just came across that reminded me of the cluster$*!@ that's usually created by people trying to put together security policies. It also reminds me of the ridiculous government growth plan (you've gotta read the stuff at this link) created by Obama - our American Idol."Laws are like sausages, it is better not to see them being made." - Otto von Bismarck, 1st Chancellor of the German Empire ...
Continue Reading... -
18 Feb 2009
An upcoming seminar you may want to attend
If you're in or around South Carolina, I'll be leading a seminar on ethical hacking for the South Carolina chapter of ISACA in Columbia on March 19th. It's going to be a fun and enlightening get together.Here's a link to the page if you want more info. Maybe I'll see you there!...
Continue Reading... -
18 Feb 2009
You can rise above this
I took some time off this past week for some fun and relaxation in the snow of Utah. Wow - what a great way to escape!Anyway, when I was out and about I heard people complaining about the economy: "no one's hiring, gas is too high, when am I going to get a bailout?" - that kind of stuff - usually in a drab Squidward-like tone (you SpongeBob fans know ...
Continue Reading... -
10 Feb 2009
The ultimate irony?
Looks like Kaspersky is the latest "victim" of a Web hack. Perhaps an example of focusing too much on one area of information security and not paying attention to the other things that matter??BTW, I just came across a site you may be interested in. It's kind of like the Privacyrights.org Chronology of Data Breaches...yet another way for us to keep up with what's going on out there - at ...
Continue Reading...
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
I’ve written/co-written 12 books on information security including:
