The much anticipated FastTrack Schedule 10 was released by Sterling Virginia based AEC Software this week. This version promises effort driven scheduling. I love FastTrack Schedule and have been using FastTrack Schedule since version 7. Effort driven scheduling is the one feature that has been lacking all these years. I am very excited to role up my sleeves and dive in!

AEC Software describes the feature – “For tasks that can be completed faster by adding more resources, use effort-driven scheduling for simple schedule compression. Automatically adjust task durations as resources are added or subtracted, while keeping the total work for a task constant.”

Here is a video about effort driven scheduling:

Here is a video about the Mac Version:

Did your grammar school teacher ever tell you to brainstorm your ideas using a spider web?

Let’s see… I want to write a story about summer vacation. We spent 5 days in Orlando, went to sea world, Disney world, and spent a lot of time at the pool.

Did it work for you? In modern day business we call that Mind Mapping. You take your central idea (i.e. your project) and then break it down into further detail (phases, activities, tasks). The best part is you can start with the stuff you know and then drag and drop your ideas on to phases as you see fit. No more writing your thoughts down on a spiral notebook page. It’s done on your computer. Now if you are really smart, which I am sure you are since you’re reading this post, you are thinking about hooking your computer up to a projector and meeting with your project kickoff team to scope out the project details.

Bottom line… it is a must in project management. If don’t have a Mind Mapping tool, what are you waiting for? Get one now. And use it!

So how do you pick a good mind mapping tool? Well, there are a lot out there, but I have narrowed it down to two; the Coke and Pepsi of mind mapping, Mindjet MindManager & Matchware MindView. (Huh? It seems the letter M is very popular with these guys).

What I like about both of them:
Easy to start using out of the box
Appealing user interface (Windows – adopted the ribbon interface, Mac version – looks and feels like a Mac product should.

What I don’t like about both:
The Mac version for both has less features than their Windows counterpart.
.

MindManager
Cost $399
Demo: 30 Day
Gantt View – No, Integrates with JCVGantt (Boo!)
Office Integration – Yes
Website Resources, Support, and Help – Yes
Mac Version (less features, cost $129)

MindView
Cost $389
Demo: 20 Day (Boo!)
Gantt View – Yes (except on Mac)
Office Integration – Yes
Website Resources, Support, and Help – Yes
Mac Version (less features, cost $229)

To sum up, these are both good products. I started using MindManager first, and it was the only mind mapping tool I liked, until I found MindView, which essentially offers the same thing, but with an integrated Gantt view. So which is Coke and which is Pepsi? That’s for you to decide!

With the increasing focus on cyber security and foreign-based attacks, I have been looking into the world of ethical hacking. 

(“Ethical hacking” is an attack on a system by or on behalf of the system owners.  It’s done to test for vulnerabilities.)

I reviewed several tools used to penetrate systems and analyze networks.Most tools are free and straight-forward to use, like the Nessus or Wireshark network scanners.  These tools are well built and easy to learn, however understanding what captured data means may require some knowledge of IP traffic analytics. 

One of the more interesting and powerful tools I reviewed was BackTrack 3, an open-source application marketed as the complete penetration-testers’ toolkit.  BackTrack has been around for years, but its latest release is more functional and easier to use than previous versions.  BackTrack is small enough to fit on a CD or USB drive, but powerful to enough to help even novices penetrate systems.

BackTrack is best utilized as a bootable CD or USB drive, where the user has access to a modified version of the Linux operating system loaded with a quick and dirty penetration toolkit offering more than 300 powerful tools.  Users access the tools with a simple graphical user interface through a Linux kernel resembling a standard Windows desktop.

I have some experience with software development, so  I understand the concepts upon which these tools are built, and the level of knowledge and manual effort required to develop exploits such as cross-site scripting vulnerabilities and SQL injections.  Attackers would need to have an in-depth understanding of specific system vulnerabilities, an attack method to exploit them, and the ability to develop the exploit.  BackTrack removes some of these obstacles and includes tools to automate many of the more intensive attacks. 

One of the key features of BackTrack 3 is the inclusion of the Metasploit Framework.  This feature allows users to customize exploits and the payload, with only minimal knowledge about the target system – which can be gleaned from OS fingerprinting by one of the port-scanning tools in BackTrack. 

This toolkit allows penetration testers to develop malicious code exploits quickly and easily, without much knowledge of coding.  Google can be a powerful resource to combine with this toolkit.  With openly available resources and “how to” instructions on the internet, anyone can become adept in vulnerability exploits. 

Whenever a new ethical hacking tool is released, it reminds us that information security must evolve continually – to meet continually evolving threats.  Those of us who are security professionals must evolve as well, continually building on our foundational knowledge.  Getting a certification like the CISSP ensures that we’re starting from a solid foundation, ready to meet whatever challenges are next.

Let us hear from you – what security challenges is your company facing, and how are you developing as a security professional to meet those challenges?

Chris