Vulnerability Management
We're Lost, But We're Making Good Time!
Throughout history, information has been protected by one form of security or another. Time and time again, we have stood by to watch the latest techniques compromised by a few ...
Written by: Benjamin P. Grubin and added on April 5, 2011Vulnerability Assessment
The intention of this paper is to provide basic information to those who have recently entered the security field, provide some insight as to why a vulnerability assessment is necessary ...
Written by: Susan Cima and added on April 11, 2011The Science of Host Based Security
Just a few years ago, the focus of enterprise security was primarily split between perimeter security and authentication controls. Security engineers spent their time mulling over firewall implementations, access rights, ...
Written by: Ray Zadjmool and added on Jan. 16, 2011A Model for Peer Vulnerability Assessment
Once a network is set up and running, it is critically important to persistently check the network and hosts to assure they are not vulnerable to attack. Once a system ...
Written by: Patricia Payne and added on Feb. 24, 2011SNMP and Potential ASN.1 Vulnerabilities
Earlier this year a number of issues with the Simple Network Management Protocol (SNMP) [RFC1157] were highlighted by the University of Oulu Secure Programming Group [OSPG]. This led to the ...
Written by: Edmund Whelan and added on March 19, 2011Your Greatest Strength can become your Greatest Weakness: Simple Network Management Protocol Vulnera
According to the recent press coverage, multiple vulnerabilities have been discovered in the widely used Simple Network Management Protocol (SNMP). This paper will discuss some of the major vulnerabilities discovered ...
Written by: Amy Geiger and added on May 25, 2011System Vulnerability Mitigation
This essay addresses various facets of IT security and offers insight into the
Written by: Kevin Vasquez and added on May 15, 2011Vulnerability Assessment Survey
Organizations have a tremendous opportunity to use information technologies to increase their productivity. Securing information and communications systems will be a necessary factor in taking advantage of all this increased ...
Document added on Jan. 31, 2011Case Study: A Risk Audit of a Very Small Business
Many security case studies focus on large businesses, or on small businesses, for limited values of “small.” The US Federal Government defines a small business as having fewer than 100 ...
Document added on March 16, 2011Implementing Vulnerability Scanning in a Large Organization
This paper describes how the security group in our organization uses Vulnerability Scanning to demonstrably improve our security posture. This covers the reasons and requirements for scanning, how this fits ...
Document added on Jan. 7, 2011