Information Technology Security Resources
Portals
- About.com: Internet/Network Security http://netsecurity.about.com/
- AntiOnline “Computer Security” http://www.antionline.com/index.php
- CERIAS Hotlist http://www.cerias.purdue.edu/tools_and_resources/hotlist/
- CIO Security & Privacy Research Center http://www.cio.com/research/security/
- Computer Security Privacy and Tools http://www.securitypointer.com/
- EDUCAUSE Security “A Resource on Computer and Network Security for the Higer Education Community” http://www.educause.edu/security/
- Google Directory - Computers: Security http://directory.google.com/Top/Computers/Security/
- Information Security Resources http://security.isu.edu/
- INFOSYSSEC “The Security Portal for Information System Security Professionals” http://www.infosyssec.com/infosyssec/
- ITAA Information Security Homepage http://www.itaa.org/policy/information/
- IT Toolbox Security Knowledge Base http://security.ittoolbox.com/
- Linux Security.com http://www.linuxsecurity.com/
- SearchSecurity.com http://searchsecurity.com/
- SecuriTeam http://www.securiteam.com/
- Security Administrator (Windows/.NET) http://www.ntsecurity.net/
- SecurityFocus http://www.securityfocus.com/
- TECS The Encyclopedia of Computer Security http://www.itsecurity.com/
Magazines, Journals, Blogs & Documents
- The Basics of an IT Security Policy [document] http://www.giac.org/practical/jack_albright_gsec.doc
- Computer Security Now [news] http://www.computersecuritynow.com/
- “Create Order with a Strong Security Policy” Network Magazine [article] http://www.networkmagazine.com/article/NMG20000710S0015
- CSO Magazine “for information security executives” http://www.csoonline.com/
- First Response's Information Security Blog [blog] http://firstresponseconsulting.typepad.com/
- Generally Accepted System Security Principles [document] http://web.mit.edu/security/www/gassp1.html
- Help Net Security [online newsletter] http://www.net-security.org/
- Information Security Magazine http://www.infosecuritymag.com/
- Information Security News [news] http://www.infosecnews.com/
- International Journal of Information Security http://link.springer.de/link/service/journals/10207/
- The Information Security Forum: Standard of Good Practice for Information Security [Document] http://www.isfsecuritystandard.com/
- Information Systems Security[journal] http://www.auerbach-publications.com/ejournals/issues/issue_archive.asp?section=1086
- ITAudit [newletter/white papers] http://www.theiia.org/itaudit/
- IT Security Cookbook [document] http://boran.linuxsecurity.com/security/
- NSA Security Recommendation Guides [documents] http://www.nsa.gov/snac/
- NIST Computer Security Resource Center: Common Criteria for Information Technology Security Evaluation [document] http://csrc.nist.gov/cc/
- Operationally Critical Threat, Asset, and Vulnerability EvaluationSM (OCTAVESM) Method
Catalog of Practices,
Version 2.0 [document] http://www.cert.org/archive/pdf/01tr020.pdf - Rootsecure.net [online newsletter] http://www.rootsecure.net/
- SC Magazine http://www.scmagazine.com/sconline/
Resources, Certification & Training
- BlackHat http://www.blackhat.com/
- CERT Coordination Center http://www.cert.org/
- Common Vulnerabilities and Exposures http://www.cve.mitre.org/
- Commonly Accepted Security Practices and Recommendations http://www.caspr.org/
- Consumer Information Security - Federal Trade Commission http://www.ftc.gov/bcp/conline/edcams/infosecurity/
- GIAC Global Information Assurance Certification [certification] http://www.giac.org/
- Information Security Glossary - The Information Security Policies Glossary http://www.yourwindow.to/information-security/
- Information Security Policies & Computer Security Policy Directory http://www.information-security-policies-and-standards.com/
- International Information Systems Security Certification Consortium Inc.(ISC)2 [certification] http://www.isc2.org/
- Internet Security Alliancehttp://www.isalliance.org/
- Internet Storm Center http://isc.sans.org/
- KnowledgeLeader Internal Audit and Risk Management Community: IT
Security
[requires
membership
but 30 day trial is free] http://www.knowledgeleader.com/InternalAudit/website.nsf/search?
OpenAgent&AllByTopic&SearchTopic=Security!Topic=Security - Little cat Z™ Free Open Source Information Security Standards http://www.littlecatz.com/standards/
- Microsoft's Best Practices for Enterprise Security http://www.microsoft.com/technet/archive/security/bestprac/bpent/bpentsec.mspx
- NIST Computer Security Resource Center http://csrc.nist.gov/
- NSA-CSS Information Assurance http://www.nsa.gov/ia/
- Openwall Project Information Security software for open environments http://www.openwall.com/
- The RUsecure Information Security Policies http://www.information-security-policies.com/
- SANS Institute: Reading Room http://www.sans.org/rr/
- SANS Institute [training] http://www.sans.org/
- Security and disaster recovery resources from MIT http://web.mit.edu/security/www/iso-resources.htm
- Security Statistics http://www.securitystats.com/
- US-CERT United States Computer Emergency Readiness Team http://www.us-cert.gov/
- U.S. DOE-Information Security Website http://doe-is.llnl.gov/
Associations
- Benchmarking - Information Technology Security Benchmarking Association http://www.itsba.com/
- EDUCAUSE/Internet2 Computer and Network Security Task Force (Replaced the College and University Information Security Professionals) http://www.educause.edu/security/
- The Computer Security Institute http://www.gocsi.com/
- Information Security Forum http://www.securityforum.org/
- Information Security Management Systems International User Group http://www.xisec.com/
- Internet Security Alliancehttp://www.isalliance.org/
- ISSA - Information Systems Security Association http://www.issa.org/
- ITAA Information Security Homepage http://www.itaa.org/policy/information/
Academic Resources
- Center for Education and Research in Information Assurance and Security (CERIAS) http://www.cerias.purdue.edu/
- Information Security Research Centre at Queensland University of Technology http://www.isrc.qut.edu.au/
Software
- Coming Soon!
Discussions
- USENET alt.security http://groups.google.com/groups?group=alt.security
- USENET comp.security.misc http://groups.google.com/groups?group=comp.security.misc
