techponder.wordpress.com
Security Tests – SCAP Content | techponder
https://techponder.wordpress.com/2015/01/12/security-tests-scap-content
Pondering the Implications of Technology. Running SCAP Scans →. Security Tests – SCAP Content. January 12, 2015. While the SCAP technologies are interesting, they have limited value without security content. The actual set of security tests run by SCAP. Fortunately there is a good set of content available that can be used as a starting point. The US Government has released a set of SCAP content that covers the baseline security required the United States Government Configuration Baseline. An example of c...
techponder.wordpress.com
techponder | Pondering the Implications of Technology | Page 2
https://techponder.wordpress.com/page/2
Pondering the Implications of Technology. Newer posts →. Superfish – Man-in-the-Middle Adware. February 21, 2015. Superfish has been getting a lot of attention the Forbes article. Is one of the better overviews. Instead of jumping in and covering the details of Superfish, let’s look at how it might work in the real world. Now has all this information. They claim they aren’t doing anything with it, but there is no particular reason to trust them. How does all this work? A new SSL Root Certificate. SSL ser...
makingsecuritymeasurable.mitre.org
Making Security Measurable- Configuration Management
http://makingsecuritymeasurable.mitre.org/directory/areas/configurationmanagement.html
A Collection of Information Security Community Standardization Activities and Initiatives. MSM Directory of Efforts. The narrative text description for this page is currently under development. Please check back later. In the meantime, standardization efforts in this area of cyber security include the following:. Common Configuration Enumeration (CCE). Common Platform Enumeration (CPE). Open Vulnerability and Assessment Language (OVAL). Security Content Automation Protocol (SCAP). July 05, 2013.
makingsecuritymeasurable.mitre.org
Making Security Measurable- System Assessment
http://makingsecuritymeasurable.mitre.org/directory/areas/systemassessment.html
A Collection of Information Security Community Standardization Activities and Initiatives. MSM Directory of Efforts. The narrative text description for this page is currently under development. Please check back later. In the meantime, standardization efforts in this area of cyber security include the following:. Common Vulnerabilities and Exposures (CVE). Common Weakness Enumeration (CWE). Common Weakness Scoring System (CWSS). Common Weakness Risk Analysis Framework (CWRAF). July 05, 2013.
scorpionsystemprotection.com
Download Scorpion
http://www.scorpionsystemprotection.com/downloads.htm
Scorpion System Protection for Windows Computers. Block the holes that Anti-virus considers. Just Choose Your Windows. Available in 3-PC Single Licenses or Site Administrator Packs! Works on both 32 and 64-bit versions. The Windows 10 edition is still being ratified. Expected release date is. July 1, 2015. Scorpion For Windows 8/8.1. Personal (1-5 PCs) $39.99 USD. Admin (-250 PCs) $1,749.99 USD. Built just for Windows by Windows experts. Based on the newly named US Government Computer Baseline ( USGCB.
csrc.nist.gov
NIST Computer Security Division - Programs, Projects and Research
http://csrc.nist.gov/projects/a_to_z.html
NIST, Computer Security Resource Center. FISMA and Cybersecurity Initiatives. Systems and Emerging Technologies. A-Z List of Projects. NIST Special Publications (SPs). By Security Control Family. Journal Articles and Other Papers. Early Computer Security Papers (1970-1985). Federal Register Notices Archives. Programs, Projects and Research. FISMA and Other Initiatives. Systems and Emerging Technologies. A-Z List of CSD Projects. Sign Up for Email Alerts from NIST's CSRC:. Access Control Policy Testing.
csrc.nist.gov
Security Automation and Vulnerability Management
http://csrc.nist.gov/projects/secauto.html
NIST, Computer Security Resource Center. FISMA and Cybersecurity Initiatives. Systems and Emerging Technologies. A-Z List of Projects. NIST Special Publications (SPs). By Security Control Family. Journal Articles and Other Papers. Early Computer Security Papers (1970-1985). Federal Register Notices Archives. Programs, Projects and Research. FISMA and Other Initiatives. Systems and Emerging Technologies. A-Z List of CSD Projects. Sign Up for Email Alerts from NIST's CSRC:. SP 800-61, Rev. 2).
