National Webcast Initiative

Cyber Security Risk Assessment Webcast

August 26, 2004

References

These links are provided because they have information that may be useful and are provided as a general reference only. Their placement on this list does not warrant the accuracy of any information contained in the links and neither endorses nor intends to promote the advertising of the resources listed herein. The information provided is by no means an exhaustive list, however, it can be utilized as a foundation from which you can build your knowledge and further pursue these topics on your own.

 

General

Information Security Guidelines for NSW Government - http://www.oit.nsw.gov.au/content/7.2.5.infosec.asp(New Window)

 

Information Security Booklet - http://www.ffiec.gov/ffiecinfobase/booklets/information_secruity/infosec_toc.htm(New Window)

Standards

ISO 17799: Information technology - Code of practice for information security management. - http://www.iso.ch/iso/en/prods-services/popstds/.../en/CatalogueDetailPage.CatalogueDetail?CSNUMBER=33441&ICS1=35(New Window)

 

ISO 13335: Information technology -- Guidelines for the management of IT Security -- Part 1: Concepts and models for IT Security - http://www.iso.ch/iso/en/CatalogueDetailPage.CatalogueDetail?CSNUMBER=21733&ICS1=35(New Window)

 

NIST SP 800-xx - http://csrc.nist.gov/publications/nistpubs/(New Window)

 

Center for Internet Security - http://www.cisecurity.org/(New Window)

 

Tools

Computer Associates

eTrust Vulnerabilty Manager - http://www3.ca.com/Solutions/Product.asp?ID=4707(New Window)

eTrust Managed Vulnerability Service - http://www3.ca.com/Solutions/Product.asp?ID=4914(New Window)

 

Ernst & Young - Technology & Security Risk Services - http://www.ey.com/global/content.nsf/International/Services_-_Assurance_&_Advisory_-_Technology_and_Security_Risk(New Window)

 

Foundstone, Inc Strategic Security - http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subcontent=/resources/freetools.htm(New Window)

 

Combose: Security Scanners - http://www.combose.com/Computers/Security/Internet/Products_and_Tools/Security_Scanners/(New Window)

 

Insecure.org: Top 75 Security Tools - http://www.insecure.org/tools.html(New Window)

 

Peter Davis + Associates: Blackhat Security Testing Tools - http://www.pdaconsulting.com/blackhat.htm(New Window)

 

Secureroot computer security resource: List of security tools - http://www.secureroot.com/security/tools/(New Window)

 

Tools and Utilities - http://doc.asf.ru/Tools%20&%20Utilities.htm(New Window)

 

Web Site Test Tools and Site Management Tools - http://www.softwareqatest.com/qatweb1.html(New Window)

 

YoLinux: List of Linux Security and Hacker Software Tools - http://www.yolinux.com/TUTORIALS/LinuxSecurityTools.html(New Window)

 

 

Terms

Information Security Glossary - http://www.yourwindow.to/information-security/index.htm(New Window)

 

Additional Resources

US-CERT - http://www.uscert.gov/resources.html(New Window)

 

Other security advisories and links - http://www.cscic.state.ny.us/related.htm(New Window)

 

SANS Internet Storm Center - http://www.incidents.org/(New Window)

 

CA Security Advisor - http://www3.ca.com/securityadvisor/default.aspx(New Window)

 

Sophos - http://www.sophos.com/(New Window)

 

Symantec Security Response - http://securityresponse.symantec.com/avcenter/vinfodb.html(New Window)

 

Trend Micro: Security Information - http://www.trendmicro.com/vinfo/(New Window)

 

VirusList.com - http://www.viruslist.com/eng/index.html(New Window)