In this article we will talk about Cybersecurity Information Websites, and in previous article we already discussed about Data Masking.
The National Vulnerability Database (NVD) is a U.S. government repository of standards-based vulnerability management data that uses the Security Content Automation Protocol (SCAP). SCAP is a method for using specific standards to automate vulnerability management, measurement, and policy compliance evaluation. Click here to visit the National Vulnerability Database website.
SCAP uses open standards to enumerate security software flaws and configuration issues. The specifications organize and measure security-related information in standardized ways. The SCAP community is a partnership between the private and public sector to advance the standardization of technical security operations. Click here to visit the Security Content Automation Protocol website.
The NVD uses the Common Vulnerability Scoring System to assess the impact of vulnerabilities. An organization can use the scores to rank the severity of vulnerabilities that it finds within its network. This, in turn, can help determine the mitigation strategy.
The site also contains a number of checklists that provide guidance on configuring operating systems and applications to provide a hardened environment. Click here to visit the National Checklist Program Repository.
The Software Engineering Institute (SEI) at Carnegie Mellon University helps government and industry organizations to develop, operate, and maintain software systems that are innovative, affordable, and trustworthy. It is a Federally Funded Research and Development Center sponsored by the U.S. Department of Defense.
The CERT Division of SEI studies and solves problems in the cybersecurity arena including security vulnerabilities in software products, changes in networked systems, and training to help improve cybersecurity. CERT provides the following services:
- Helps to resolve software vulnerabilities
- Develops tools, products, and methods to conduct forensic examinations
- Develops tools, products, and methods to analyze vulnerabilities
- Develops tools, products, and methods to monitor large networks
- Helps organizations determine how effective their security-related practices are
CERT has an extensive database of information about software vulnerabilities and malicious code to help develop solutions and remediation strategies.
Internet Storm Center (ISC)
The Internet Storm Center (ISC) provides a free analysis and warning service to Internet users and organizations. It also works with Internet Service Providers to combat malicious cyber criminals. The Internet Storm Center gathers millions of log entries from intrusion detection systems every day using sensors covering 500,000 IP addresses in over 50 countries. The ISC identifies sites used for attacks and provides data on the types of attacks launched against various industries and regions of the world.
Click here to visit the Internet Storm Center. The website offers the following resources:
- An InfoSec Diary Blog Archive
- Podcasts which include the Daily Stormcasts, daily 5-10 minute information security threat updates
- InfoSec Job Postings
- Information Security News
- InfoSec Tools
- InfoSec Reports
- SANS ISC InfoSec Forums
The SANS Institute supports the Internet Storm Center. SANS is a trusted source for information security training, certification, and research.
The Advanced Cyber Security Center (ACSC) is a non-profit organization that brings together industry, academia, and government to address advanced cyber threats. The organization shares information on cyber threats, engages in cybersecurity research and development, and creates education programs to promote the cybersecurity profession.
ACSC defined four challenges that will help shape its priorities:
- Build resilient systems to recover from attacks and failures.
- Enhance mobile security.
- Develop real-time threat sharing.
- Integrate cyber risks with enterprise risk frameworks.
A vulnerability scanner assesses computers, computer systems, networks, or applications for weaknesses. Vulnerability scanners help to automate security auditing by scanning the network for security risks and producing a prioritized list to address weaknesses. A vulnerability scanner looks for the following types of vulnerabilities:
- Use of default passwords or common passwords
- Missing patches
- Open ports
- Misconfiguration of operating systems and software
- Active IP addresses
When evaluating a vulnerability scanner, look at how it is rated for accuracy, reliability, scalability, and reporting. There are two types of vulnerability scanners to choose from—software-based or cloud-based.
Vulnerability scanning is critical for organizations with networks that include a large number of network segments, routers, firewalls, servers, and other business devices.