Security Assessment

RSS feed for this section
This category contains 12 posts


Top 5 Security Compliance Checklist

By December 27, 2011 Post a comment

1. Ensure Security in Layers.
Enabling security policies in routers, switches, firewalls, IPS, AAA authentication, etc within your network would ensure
a layered security approach for better fraud protection and overall security to consumers and businesses.

2. Understand ISO 27036
Get familiar with ISO 27036 standard on Information security for supplier relationships to meet vendor compliance
for better third party audits. This is especially important for companies involved with outsourcing.

3. PCI 2.0
Delete cardholder data if possible and if not then make sure it is encrypted and protected. Do not leave it in the clear.

This is a preview of Top 5 Security Compliance Checklist. Read the full post (129 words, estimated 31 secs reading time)

Free Malware Validation and Analysis Tool Virus Total

By November 24, 2010 Post a comment

If you suspect your machine has a suspicious malware file or you receive a suspicious email attachment, you can validate this file against a free tool called virus total before opening it for analysis.

Available at www.virustotal.com you also have the option to upload the file or just enter the md5 value of the file. It will scan its database for virus, worms and malware information to validate it against at least 41 different anti virus applications.

Example: If you either upload the file or enter the files md5 value at www.virustotal.com/search.html

————————-

Read More

Permanent link to this post (96 words, 1 image, estimated 23 secs reading time)

Foremost – File Recovering and Data Carving Tool

By March 2, 2009 Post a comment

Foremost is a console program to recover files based on their headers, footers, and internal data structures. This process is commonly referred to as data carving. Foremost can work on image files, such as those generated by dd, Safeback, Encase, etc, or directly on a drive. The headers and footers can be specified by a configuration file or you can use command line switches to specify built-in file types. These built-in types look at the data structures of a given file format allowing for a more reliable and faster recovery.

Read More

Ref. sourceforge.net

Permanent link to this post (95 words, estimated 23 secs reading time)

Detect vulnerabilities on your Internet-facing server for free.

By December 20, 2008 Post a comment

qualysFreeScan from Qualys allows you to quickly and accurately scan your server for thousands of vulnerabilities that could be exploited by an attacker. If vulnerabilities exist on the IP address provided, FreeScan will find them and provide detailed information on each risk – including its severity, associated threat, and potential impact. It even provides links to give you more information about the vulnerability and how to correct it.

Link

Permanent link to this post (70 words, 1 image, estimated 17 secs reading time)

« Previous