Suche innerhalb des Archivs / Search the Archive All words Any words

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[] Washington Post: schöne Liste von IT-Sicherheits-Quellen im Netz,

Komisch allerdings, dass Securityfocus und ähnliche nicht auftauchen.

IT Security Resources

Monday, April 22, 2002; 4:02 PM 

Since September 11, the government and Corporate America alike have 
taken a stronger interest in understanding how to ward off security 
risks. Company executives have realized that their information 
technology infrastructure is both an important asset - as well as a 
vulnerable one. But many firms don't know where to start to pinpoint 
weaknesses in their networks or to find tips for getting prepared for 
or warding off various IT-related security risks. While IT security 
experts caution that there is not a magic list that applies to every 
company or organization's needs, there are some online resources - 
including many free clearinghouses - that may serve as starting points 
for IT security information.
Run by the federally funded Software Engineering Institute operated at
Carnegie Mellon University, the CERT Coordination Center provides
various resources on Internet security, including advisories on
vulnerabilities and computer security incidents.
Under the National Institute of Standards and Technology (NIST), the
Computer Security Resource Center Web site has a number of resources
to help with IT risks, vulnerabilities and protection requirements.  
Once on the home page, there is a section with helpful links to other
IT resources from various academic, governmental and professional
outlets. For a full list of CSRC's list of outside resources on the
Also part of NIST, this Web site contains a searchable index of
information on computer vulnerabilities and information for obtaining
patches for problems.
The main National Institute of Standards and Technology Web site. NIST
is a non-regulatory federal agency under the U.S. Commerce
Department's Technology Administration.
The SANS (System Administration, Networking and Security) Institute is
a research and education organization designed for the information
security community to share information. The Web site provides free
information on research summaries, news digests and security alerts,
among other resources.
The National Infrastructure Protection Center (NIPC) Web site. The
NIPC operates out of the FBI's headquarters in Washington. The group
-- along with state, local and private partnerships -- provides threat
assessment, warning, investigation, and response to threats or attacks
against telecommunications, energy, emergency services and other
infrastructures for the U.S. government. The site has information on
various alerts and cyberthreats.
U.S. Department of Justice site that provides a wide-range of 
information on cyberthreats and cybercrime policy issues.
Information Assurance Support Environment Web site, sponsored by the 
Defense Information Systems Agency. The site is billed as an 
information assurance clearinghouse.
The Department of Energy Computer Incident Advisory Capability Web 
site includes information on up-to-date vulnerabilities and articles 
and information on addressing particular security issues.
The Federal Computer Incident Response Center is a central facility 
that handles computer security-related issues affecting the U.S. 
federal government's civilian agencies and departments.
The U.S. Government's Homeland Security Office main Web site with 
various links to government news, information and alerts. 

Some links to IT security-related associations and other 
Information Systems Security Association, a nonprofit international 
group of information security professionals. The group provides 
educational forums among other services.
The Common Criteria was formed to develop criteria to evaluate IT 
security, with a focus on the international community.
A nonprofit organization that provides systems engineering, research 
and development and information technology support to the government. 
The group's common vulnerabilities and exposures Web site,, provides a list of standardized names for 
vulnerabilities and information security exposures.
The Center for Internet Security group was formed to help 
organizations manage risks related to information security. The center 
provides tools for individuals and businesses to monitor and compare 
the security level of Internet-connected systems.
Internet Security Alliance is a group effort involving Carnegie Mellon 
University's Software Engineering Institute, the CERT Coordination 
Center and the Electronic Industries Alliance. The group lobbies 
legislators and regulators and works to identify and standardize "best 
practices" in Internet security.
Financial Services Information Sharing and Analysis Center, touted on 
its site as an industry-wide database for its membership of e-security 
threats, vulnerabilities and solutions to IT security problems.
A publication covering the information security industry. 

Compiled by Staff Writer Cynthia L. Webb. Selected Web 
links suggested by Lee Zeichner, president of LegalNet Works Inc. of 
Falls Church. LegalNet Works develops information security laws and 
regulations. Additional Web links suggested by Patricia Hammar, vice 
president for corporate development and advanced technology programs 
at National Security Research Inc., a Washington company that conducts 
technical and policy research for federal government agencies. 
National Institute of Standards and Technology spokesman Phil Bulman 
suggested additional links.

Liste verlassen: 
Mail an infowar -
 de-request -!
- infopeace -
 de mit "unsubscribe" im Text.