Monday, April 22, 2013

Vulnerability Sites

Previously I mentioned several web sites which are useful for determining current vulnerabilities. I firmly believe that leakedin.com and pastebin.com are useful for determining vulnerabilities; however, they are not the most useful for looking for information unless you're looking for something specific, such as customer information. Other sites, such as the US-CERT site and Symantec, are far better at performing the task of identifying vulnerabilities. The National Vulnerability Database provided by US-CERT is likely one of the best sites for reviewing vulnerabilities. This site contains virtually every known vulnerability and is easily searched.

Being tasked with finding vulnerabilities, I would utilize the Symantec and US-CERT sites far more often than others. Having a good, reliable source for locating vulnerabilities is likely one of the most important things a security professional will do. Having a credible source with valuable and easy-to-find information is critical. I believe that the US-CERT and Symantec sites are likely some of the most credible sources available for vulnerability information.

Sunday, April 14, 2013

Security Modeling

Modeling is perhaps one of the most critical aspects of documentation, especially in the security field. Modeling can take multiple forms and can be simple or incredibly complex; however, the overall purpose is always the same. In my mind, the purpose of modeling is to tell a story via pictures. This allows individuals viewing the model to gain an in-depth level of understanding in a relatively short amount of time.

Modeling is important because it allows the viewers to see how things are organized. Network diagrams show how the environment is laid out. Use case diagrams explain the logic of operations such as security rule and script logic. These diagrams serve multiple purposes, including helping the implementer lay things out before they proceed with an implementation, as well as helping train new individuals on the team.

I realize that no one truly likes creating documentation; however, it's incredibly important, especially in the IT world. Without documentation, especially modeling diagrams, it is incredibly difficult to manage the systems down the road, train new workers on the systems in place, and gain an in-depth understanding of the current implementation.

Sunday, April 7, 2013

Documentation, Policies, and Procedures

Having effective policies and procedures in place is absolutely essential to a successful security organization. These documents must provide detailed descriptions of how to handle specific incidents as well as how to complete daily work activities.

Policies and procedures must be documented and enforced, covering the current infrastructure and how security is implemented. Without these essential documents, too much can be left up to interpretation, and on-the-fly decisions can be made which contradict the general philosophy of the organization.
Documented policies and procedures provide a blueprint for employees and provide them with the tools they need to make on-the-fly decisions that follow company guidelines.
Documentation also extends to network or process diagrams. Having effective and COMPLETE diagrams is essential to the security organization. Diagrams provide a method for employees to gain a deeper understanding of how the network is designed and where security appliances are located. This also allows for efficient troubleshooting of issues.