[TriLUG] Vulnerability assesment programs

[Phillip Rhodes]

Kevin Flanagan wrote:


> 	I am now a part of the Information Security team at work, we are just
> starting the process of creating a formal "Program for vulnerability
> assessments", by program we mean process, documentation, and tools.

I recommend the book "Principles of Information Security" by Michaael E. 
Whitman and Herbert J. Mattord.  There is a lot of great information
in there regarding the process and management aspects of security.  Not
a lot of technical information, but some good stuff on risk assessment
and security process stuff. Some of the material is a little dry, and 
most hard-core techies will find it chuffing boring, but the material
is valuable, IMO.

HTH, YMMV, etc...


TTYL,


Phil
-- 
North Carolina - First In Freedom

Free America - Vote Libertarian
www.lp.org