Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Libnet
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Is there any way to measure IT Security??

from [John Alexander] Network Security [Permanent Link]
Subject: Re: Is there any way to measure IT Security??
Date: Wed, 03 Aug 2005 04:21:02 -0500 
Basically IT Security covers a gamut of areas, i am just listing some , on the 
fly

* Antivirus Solutions
* Intrusion Prevention
* Intrusion Detection
* Patch Management
* Firewall
* VPN Gateway
* Vulnerability Assessment & Reporting
* Identity Access Management (single-sign-on, SOX/HIPAA/GLB compliance....)
* Network Security
* Security Policy Compliance Management
* AntiSpam (mail protection software)
* Web Content Filtering

I'm not sure whether we have one-size-fits-all solution which can help us in 
measuring your enterprise IT Security posture.

I can list some good tools i have come across personally like NMap, ScanFi, 
Nessus, IdentityAccess Manager,GFI ....but the list is endless, so give them a 
try in google :-)



----- Original Message -----
From: "Gary Everekyan" <karo.onnik@bluetie.com>
To: irony@trini.org, toto@playon.co.id
Subject: Re: Is there any way to measure IT Security??
Date: Tue, 02 Aug 2005 14:32:30 -0400



Google Risk reporting and you will get whole list of research links.
It would also be helpful to look at owasp www.owasp.org
HTH
Regards,

Gary Everekyan
CISSP, CISM, ISSAP, ISSPCS, MCSE, MCT
garyeve@Microsoft.com
"High achievement always takes place in the framework of high 
expectation" -Jack Kinder


-----Original Message-----
From: "Larry Marin (Irony Account)" [irony@trini.org]
Date: 08/02/2005 01:09 PM

You should check out NSA IAM/IEM Methodology...it works well for me.
http://www.iatrp.com/iam.cfm


Toto A Atmojo wrote:


Dear all,

Currently I?m looking for a tool, or a technique to measure IT security?

The baseline for security is CIA (Confidentiality, Integrity and 
Availability), that is every organization which want to called 
secure must be guarantee that their system comply this matter.

But the problem is, we need a tool/technique to measure how 
secure are we. Therefore, wee need a tool/technique to measure 
how close that our system status now to CIA.

Please share your experience about this matter.

If there any link about this issue, I really appreciate if you 
share to us (You may contact me privately) .

Best Regs,

Toto




-- 
___________________________________________________________
Sign-up for Ads Free at Mail.com
http://promo.mail.com/adsfreejump.htm


------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Is there any way to measure IT Security??, Gary Everekyan
Next by Date:  Re: Is there any way to measure IT Security??, Alberto Cardona II
Previous by Thread:  Re: Is there any way to measure IT Security??, Gary Everekyan
Next by Thread:  Re: Is there any way to measure IT Security??, Richard . Sullivan
Indexes:  [Date] [Thread] [Top] [All Lists]