Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Management
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Is there any way to measure IT Security??

from [Newcomb, Kelly] Network Security [Permanent Link]
Subject: RE: Is there any way to measure IT Security??
Date: Wed, 3 Aug 2005 08:07:25 -0500 
You might also check:

 

http://securitymetrics.org/content/Wiki.jsp 

 

--

Kelly Newcomb, CISSP

Information Security Officer

Texas Guaranteed - The Guarantor of Choice

Voice: 512-219-4697

Email: kelly.newcomb@tgslc.org <mailto:kelly.newcomb@tgslc.org> 

 

-----Original Message-----
From: Gary Everekyan [mailto:karo.onnik@bluetie.com] 
Sent: Tuesday, August 02, 2005 1:33 PM
To: irony@trini.org; toto@playon.co.id
Cc: pen-test@securityfocus.com; security-management@securityfocus.com;
secpapers@securityfocus.com; focus-linux@securityfocus.com;
libnet@securityfocus.com; firewalls@securityfocus.com;
security-basics@securityfocus.com
Subject: Re: Is there any way to measure IT Security??

 

Google Risk reporting and you will get whole list of research links.

It would also be helpful to look at owasp www.owasp.org
<https://www.bluetie.com/cgi-bin/www.owasp.org> 

HTH

Regards,


Gary Everekyan

CISSP, CISM, ISSAP, ISSPCS, MCSE, MCT
garyeve@Microsoft.com
"High achievement always takes place in the framework of high
expectation" -Jack Kinder



-----Original Message-----
From: "Larry Marin (Irony Account)" [irony@trini.org]
Date: 08/02/2005 01:09 PM

You should check out NSA IAM/IEM Methodology...it works well for me.
http://www.iatrp.com/iam.cfm


Toto A Atmojo wrote:


Dear all,

Currently I'm looking for a tool, or a technique to measure IT

security?


The baseline for security is CIA (Confidentiality, Integrity and 
Availability), that is every organization which want to called secure 
must be guarantee that their system comply this matter.

But the problem is, we need a tool/technique to measure how secure are



we. Therefore, wee need a tool/technique to measure how close that our



system status now to CIA.

Please share your experience about this matter.

If there any link about this issue, I really appreciate if you share 
to us (You may contact me privately) .

Best Regs,

Toto
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Is there any way to measure IT Security??, Marriott, Bill (US - Dallas)
Next by Date:  RE: Is there any way to measure IT Security??, Alexandre Paradis
Previous by Thread:  RE: Is there any way to measure IT Security??, Alexandre Paradis
Next by Thread:  RE: Is there any way to measure IT Security??, shankarnarayan . d
Indexes:  [Date] [Thread] [Top] [All Lists]