As a result of working my way through several books (published and unpublished at present) I’ve come across a number of really useful security resources. So I thought I’d bring them together (as much for my own reference as anything else). The following list provides a brief description of each resource and its link.

  1. SANS Institute (http://www.sans.org/reading-room/) site providing a lot of security documentation and research findings, in addition to more commercial arrangements such as training
  2. OWASP (https://www.owasp.org) guides on threat types and characteristics, and guidance on developing secure solutions; includes a training tool called WebGoat
  3. CXOWare (http://www.cxoware.com/) – home of the FAIR risk analysis process and guidance
  4. Metasploit (http://www.offensive-security.com/metasploit-unleashed/Main_Page) a site that provides free security training to help understand how hack attacks work; includes free tools
  5. RadioLabs (http://www.radiolabs.com/stations/wifi_calc.html) provides the means to calculate how far a Wi-Fi signal will carry. Important if you don’t want people parking up outside your home/office and hacking your Wi-Fi
  6. PolicyTool (http://socialmedia.policytool.net/) provides the means to create fair and reasonable policies for the use of social media in a work environment
  7. TrustedSec’s Artillery (https://www.trustedsec.com/downloads/artillery/) open source tool for detecting security attacks
  8. OSSEC (http://www.ossec.net/) open source intrusion detection system.
  9. NIST (http://csrc.nist.gov/) standards institute with a lot of information on security.
  10. CERT (http://www.cert.org/cert/) SEI’s security activities
  11. STRIDE (http://msdn.microsoft.com/en-us/library/ee823878) Microsoft’s threat assessment model