[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[infowar.de] Washington Post: schöne Liste von IT-Sicherheits-Quellen im Netz
Komisch allerdings, dass Securityfocus und ähnliche nicht auftauchen.
IT Security Resources
Monday, April 22, 2002; 4:02 PM
Since September 11, the government and Corporate America alike have
taken a stronger interest in understanding how to ward off security
risks. Company executives have realized that their information
technology infrastructure is both an important asset - as well as a
vulnerable one. But many firms don't know where to start to pinpoint
weaknesses in their networks or to find tips for getting prepared for
or warding off various IT-related security risks. While IT security
experts caution that there is not a magic list that applies to every
company or organization's needs, there are some online resources -
including many free clearinghouses - that may serve as starting points
for IT security information.
Run by the federally funded Software Engineering Institute operated at
Carnegie Mellon University, the CERT Coordination Center provides
various resources on Internet security, including advisories on
vulnerabilities and computer security incidents.
Under the National Institute of Standards and Technology (NIST), the
Computer Security Resource Center Web site has a number of resources
to help with IT risks, vulnerabilities and protection requirements.
Once on the home page, there is a section with helpful links to other
IT resources from various academic, governmental and professional
outlets. For a full list of CSRC's list of outside resources on the
Also part of NIST, this Web site contains a searchable index of
information on computer vulnerabilities and information for obtaining
patches for problems.
The main National Institute of Standards and Technology Web site. NIST
is a non-regulatory federal agency under the U.S. Commerce
Department's Technology Administration.
The SANS (System Administration, Networking and Security) Institute is
a research and education organization designed for the information
security community to share information. The Web site provides free
information on research summaries, news digests and security alerts,
among other resources.
The National Infrastructure Protection Center (NIPC) Web site. The
NIPC operates out of the FBI's headquarters in Washington. The group
-- along with state, local and private partnerships -- provides threat
assessment, warning, investigation, and response to threats or attacks
against telecommunications, energy, emergency services and other
infrastructures for the U.S. government. The site has information on
various alerts and cyberthreats.
U.S. Department of Justice site that provides a wide-range of
information on cyberthreats and cybercrime policy issues.
Information Assurance Support Environment Web site, sponsored by the
Defense Information Systems Agency. The site is billed as an
information assurance clearinghouse.
The Department of Energy Computer Incident Advisory Capability Web
site includes information on up-to-date vulnerabilities and articles
and information on addressing particular security issues.
The Federal Computer Incident Response Center is a central facility
that handles computer security-related issues affecting the U.S.
federal government's civilian agencies and departments.
The U.S. Government's Homeland Security Office main Web site with
various links to government news, information and alerts.
Some links to IT security-related associations and other
Information Systems Security Association, a nonprofit international
group of information security professionals. The group provides
educational forums among other services.
The Common Criteria was formed to develop criteria to evaluate IT
security, with a focus on the international community.
A nonprofit organization that provides systems engineering, research
and development and information technology support to the government.
The group's common vulnerabilities and exposures Web site,
http://cve.mitre.org/, provides a list of standardized names for
vulnerabilities and information security exposures.
The Center for Internet Security group was formed to help
organizations manage risks related to information security. The center
provides tools for individuals and businesses to monitor and compare
the security level of Internet-connected systems.
Internet Security Alliance is a group effort involving Carnegie Mellon
University's Software Engineering Institute, the CERT Coordination
Center and the Electronic Industries Alliance. The group lobbies
legislators and regulators and works to identify and standardize "best
practices" in Internet security.
Financial Services Information Sharing and Analysis Center, touted on
its site as an industry-wide database for its membership of e-security
threats, vulnerabilities and solutions to IT security problems.
A publication covering the information security industry.
Compiled by Washtech.com Staff Writer Cynthia L. Webb. Selected Web
links suggested by Lee Zeichner, president of LegalNet Works Inc. of
Falls Church. LegalNet Works develops information security laws and
regulations. Additional Web links suggested by Patricia Hammar, vice
president for corporate development and advanced technology programs
at National Security Research Inc., a Washington company that conducts
technical and policy research for federal government agencies.
National Institute of Standards and Technology spokesman Phil Bulman
suggested additional links.
Mail an infowar -
- infopeace -
de mit "unsubscribe" im Text.