Computer Security Agencies and Providers of Security Reports and News Alerts
- CERT. From the CERT website, “The CERT® Program is part of the Software Engineering Institute (SEI), a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. Following the Morris worm incident, which brought 10 percent of internet systems to a halt in November 1988, the Defense Advanced Research Projects Agency (DARPA) charged the SEI with setting up a center to coordinate communication among experts during security emergencies and to help prevent future incidents. This center was named the CERT Coordination Center (CERT/CC). While we continue to respond to major security incidents and analyze product vulnerabilities, our role has expanded over the years. Along with the rapid increase in the size of the internet and its use for critical functions, there have been progressive changes in intruder techniques, increased amounts of damage, increased difficulty of detecting an attack, and increased difficulty of catching the attackers. To better manage these changes, the CERT/CC is now part of the larger CERT Program, which develops and promotes the use of appropriate technology and systems management practices to resist attacks on networked systems, to limit damage, and to ensure continuity of critical services.”
- Computer Security Resource Center. The CSRC is provided by the Computer Security Division (CSD) of the Information Technology Laboratory (ITL) which is part of the National Institute of Standards Technology (NIST). The Computer Security Division Responds to the Federal Information Security Management Act of 2002.
- Defense Security Service – From the DSS website, “The Defense Security Service (DSS) is an agency of the Department of Defense (DoD) located in Alexandria, Virginia with field offices throughout the United States. The Under Secretary of Defense for Intelligence provides authority, direction and control over DSS. DSS provides the military services, Defense Agencies, 23 federal agencies and approximately 12,000 cleared contractor facilities with security support services.”
- Gibson Research – Provider of Internet security, port scanning, firewalls, and utility software.
- HIPA Advisory Top 10 Security Vulnerabilities List
- SANS. From the SANS website, “The SANS (SysAdmin, Audit, Network, Security) Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals around the world. A range of individuals from auditors and network administrators, to chief information security officers are sharing the lessons they learn and are jointly finding solutions to the challenges they face. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community.”
- Secunia. From the Secunia web site, “It is Secunia’s ambition to be the leading vulnerability intelligence provider and distributor in the world – second to none. In Autumn 2002, Secunia was established and set upon this ambition. Today, our community and network of security professionals, system administrators, and network administrators reaches more than 5 million unique visitors annually and our services are integrated in thousands of businesses and governmental institutions. Challenging huge industrial security players, Secunia has managed to gain a very strong position within the industry of Vulnerability Assessment, Remediation, and Management. Not only has Secunia managed to attain the status of a highly respected player in the industry, we are also highly regarded and frequently acknowledged by software vendors, security institutions, and the global media.” [ Security Website | Corporate Website ]
- http://www.us-cert.gov/
Computer Security Software Providers
- Grisoft (providers of AVG Free)
- McAfee
- Microsoft OneCare
- Symantec
- TrendMicro