Url http://www.isecom.org/projects/osstmm.shtml Description A widely used, peer-reviewed, methodology for performing security tests. Random Quote Open Source Security Testing Methodology Manual Open Source Security Testing Methodology Manual (OSSTMM) is a peer-reviewed methodology for performing security tests and metrics. The OSSTMM test cases are divided into five channels (sections) which collectively test: information and data
waiting for hand_moderation Keywords Institute, for, Security, and, Open, Methodologies, title Category Policy Contact Name Email

Write a Review

Add to My Favorite

Refer it to Friend

Report Broken Link

Other links at Policy

1. Common Criteria Evaluation and Validation Scheme

Provides details of this US government scheme.
Random site Quote:
NIAP CCEVS is managed by the NSA, and is focused on establishing a national program for the evaluation of information technology products for conformance to the International Common Criteria for Information Technology Security Evaluation.
For FY09, the NIAP CCEVS office will maintain the existing FY08 policy to continue accepting US Government PP or EAL 4 compliant products into evaluation. were reviewed and revised where necessary. The publications had major revisions and therefore should be read in their entirety. outlining the

2. A Structured Approach to Computer Security

A security policy is a set of rules written in general terms stating what is permitted and what is not permitted in a system during normal operation.
Random site Quote:
Document details from CiteSeerX (Isaac Councill, Lee Giles): Security and dependability are two closely connected areas. Recently, some attempts have been made to integrate the two concepts by integrating security into the more general topic of dependability. This paper describes security concepts and gives a survey of security terminology. It also establishes a taxonomy reflecting concepts within the security area which enables the integration of security and dependability. Special concern is given to the problems which inevitably arise from the integration, for example, a somewhat different definition of security is introduced. This paper does not pretend to cover every single mechanism found in security, but is rather an attempt to create a taxonomy for security analysis, estimation and design; a taxonomy that should be useful for further research within this area.
A structured approach to computer security No tags have been applied to this document. author = {Tomas Olovsson}, title = {A structured approach to computer security}, Security and dependability are two closely connected areas. Recently, some attempts have been made to integrate the two concepts

3. ITworld.com - Security's human side

IT World article - essentially a review of Pentasafe's VigilEnt security policy management product.
Random site Quote:
When it comes to keeping your company's systems secure, employees and managers play roles as important as those of the technological gadgets they deploy. Any security shield that protects your business should be accompanied by sound company policies that explain risks, outline duties, and recommend correct behaviors to your users. Failure to do so could expose your company to litigation and possibly to damaging public embarrassment.
May 29, 2001, 10:32 AM — InfoWorld — When it comes to keeping your company's systems secure, employees and managers play roles as important as those of the technological gadgets they deploy. Any security shield that protects your business should be accompanied by sound company policies

Popular Tags

# A B C D E F G H I J K L M N O P Q R S T U V W X Y Z