Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Management
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

SIM and Contants of Security Reports

from [Nabil MALIK / KTEFH - OTAS] Network Security [Permanent Link]
Subject: SIM and Contants of Security Reports
Date: Wed, 6 Apr 2005 17:17:30 +0300 
Dear Fellows,

In addition to the following list (coming from the top of my head), what should 
go in a general 'Monthly Security Report' prepared by IT security unit. The 
audience is specifically the upper-management (needs to be human friendly and 
relatively less technical).

-Average Machine (client/server) patch status
-Average anti-virus signature status
-Avg. number of attacks (HIGH sensitivity) from internet and intranet. Probably 
needs to be extracted from IDS and firewall logs.
-Users with highest Internet usage.
-Virus/Trojans blocked on the gateway products (SMTP, HTTP, FTP etc.)

Also, nowadays I read about the so called Security Information Management (SIM) 
products available in the market that gather logs from different sources 
(firewall, IDS etc) and correlate it to make sense and give a clear picture (in 
some cases real-time) of the security of your network/system as a whole. What 
products do you recommend and in addition to their principle benefit, would 
they be helpful for the above report that I want to create on monthly basis.

For information on SIM visit = 
http://informationsecurity.techtarget.com/magItem/1,291266,sid42_gci1073898,00.html

Any suggestions will be appreciated. Thanks.

Regards,
 
-Nabil.



DISCLAIMER:
Bu elektronik posta ve ekleri, sadece yukarida ismi yazili alicinin dikkatine 
gonderilmistir. Mesajin muhatabi degilseniz, icerigini ve varsa ekindeki 
dosyalari kimseye aktarmayiniz ya da kopyalamayiniz. Boyle bir durumda 
gondereni uyarip, mesaji imha ediniz. KUVEYT TURK E.F.K. A.S bu e-postanin ve 
eklerinin icerdigi bilgilerin size degisiklige ugrayarak ulasmasindan veya gec 
ulasmasindan, butunlugunun ve gizliliginin korunamamasindan veya icerigine 
güvenilerek yapilacak islemlerden dolayi sorumlu tutulamaz.
This e-mail & its content have been sent to the attention of the receiver named 
above. If you are not the intended recipient (or have received this e-mail in 
error), Please notify the sender immediately and destroy this e-mail. Any 
unauthorized copying, disclosure or distribution of the material in this e-mail 
is strictly forbidden. Kuwait Turkish Evkaf Finance House shall not be held 
liable for the arrival of this e-mail & its content as modified or late, the 
protection of integrity and secrecy and shall not be liable to any person who 
acts or omits to do anything in reliance upon it.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Software for developing various security policies/standards and guidelines, Brian Pomeroy
Next by Date:  Ten Tips for Corporations to Protect Customer Information from Identity Theft, Gideon T. Rasmussen, CISSP, CISA, CISM, CFSO, SCSA
Previous by Thread:  IT governance awareness module, Gideon T. Rasmussen, CISSP, CISA, CISM, CFSO, SCSA
Next by Thread:  Re: SIM and Contants of Security Reports, zmaster zhang
Indexes:  [Date] [Thread] [Top] [All Lists]