[TriLUG] Vulnerability assesment programs

Warren Myers volcimaster at gmail.com
Wed Jul 13 08:31:12 EDT 2005


You might also look at Bruce Schneier's Secrets & Lies. It has a lot about 
risk assessment, and what security really is all about.

I own several of his other books also, though I've only read this one
and Applied
Cryptography so far.

Warren

On 7/12/05, Phillip Rhodes <mindcrime at cpphacker.co.uk> wrote:
> 
> Kevin Flanagan wrote:
> 
> 
> > I am now a part of the Information Security team at work, we are just
> > starting the process of creating a formal "Program for vulnerability
> > assessments", by program we mean process, documentation, and tools.
> 
> I recommend the book "Principles of Information Security" by Michaael E.
> Whitman and Herbert J. Mattord. There is a lot of great information
> in there regarding the process and management aspects of security. Not
> a lot of technical information, but some good stuff on risk assessment
> and security process stuff. Some of the material is a little dry, and
> most hard-core techies will find it chuffing boring, but the material
> is valuable, IMO.
> 
> HTH, YMMV, etc...
> 
> 
> TTYL,
> 
> 
> Phil
> --
> North Carolina - First In Freedom
> 
> Free America - Vote Libertarian
> www.lp.org <http://www.lp.org>
> 
> --
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
> 



-- 
http://warrenmyers.com
"God may not play dice with the universe, but something strange is going on 
with the prime numbers." --Paul Erdős


More information about the TriLUG mailing list