[TriLUG] Vulnerability assesment programs
Warren Myers
volcimaster at gmail.com
Wed Jul 13 08:31:12 EDT 2005
You might also look at Bruce Schneier's Secrets & Lies. It has a lot about
risk assessment, and what security really is all about.
I own several of his other books also, though I've only read this one
and Applied
Cryptography so far.
Warren
On 7/12/05, Phillip Rhodes <mindcrime at cpphacker.co.uk> wrote:
>
> Kevin Flanagan wrote:
>
>
> > I am now a part of the Information Security team at work, we are just
> > starting the process of creating a formal "Program for vulnerability
> > assessments", by program we mean process, documentation, and tools.
>
> I recommend the book "Principles of Information Security" by Michaael E.
> Whitman and Herbert J. Mattord. There is a lot of great information
> in there regarding the process and management aspects of security. Not
> a lot of technical information, but some good stuff on risk assessment
> and security process stuff. Some of the material is a little dry, and
> most hard-core techies will find it chuffing boring, but the material
> is valuable, IMO.
>
> HTH, YMMV, etc...
>
>
> TTYL,
>
>
> Phil
> --
> North Carolina - First In Freedom
>
> Free America - Vote Libertarian
> www.lp.org <http://www.lp.org>
>
> --
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
>
--
http://warrenmyers.com
"God may not play dice with the universe, but something strange is going on
with the prime numbers." --Paul Erdős
More information about the TriLUG
mailing list