Assessments & Review
Security Assessment Source Code Review
Security Assessment is an explicit study to locate security vulnerabilities and risks
The Computer Emergency Response Team (CERT)
is the coordination center of the computer emergency response team (CERT) for the Software Engineering Institute (SEI), a non-profit United States federally funded research and development center. The CERT/CC researches software bugs that impact software and internet security, publishes research and information on its findings, and works with business and government to improve security of software and the internet as a whole.
The Value of Knowledge and Experience
Our diverse group of researchers, software engineers, security analysts, and digital intelligence specialists relies on both theoretical and empirical knowledge to understand security problems. In addition to our scientific research, collecting actual, real-world data helps us to gain insight into the current climate. By analyzing network traffic, we can help organizations to identify patterns that may indicate attacks.
Information Security Forum
With high profile security breaches continuing to dominate the headlines, the need to protect information has never been more critical when it comes to building trust and business success. In response to this, the Information Security Forum (ISF) – an independent, not-for-profit organisation dedicated to investigating and resolving key issues in the realms of information security and risk management – has established a new Advisory Board. The aim of this move is to identify and address emerging threats before they arise such that businesses can take a more proactive approach to their security planning.
Open Web Application Security Project -Top 10
The OWASP Top Ten is a powerful awareness document for web application security. The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are. Project members include a variety of security experts from around the world who have shared their expertise to produce this list. We urge all companies to adopt this awareness document within their organization and start the process of ensuring that their web applications do not contain these flaws. Adopting the OWASP Top Ten is perhaps the most effective first step towards changing the software development culture within your organization into one that produces secure code.
SANS TOP 20 CONTROLS COMPLIANCE
PRIORITIZE YOUR ORGANIZATION'S CRITICAL SECURITY CONTROLS FOR EFFECTIVENESS AGAINST REAL WORLD THREATS
The SANS Institute's Top 20 vulnerabilities list always gets a lot of attention, and this year's installment is no exception. A day after its release, security experts took to the blogosphere to weigh in on specific findings, most notably the addition of the VoIP threat. Some also debated whether the list is as valuable as it once was.