Site Sponsor:

mcafee_logo.gif
line

Now Available:

Featured Resource:

line

Realtime Communities

line

Newsletter

Email Address:


line

Monthly Archives

line

RSS

line

Ask the Expert

Have a question for our resident expert? Email your questions to Dan or post a comment to the blog.

« Oracle Security for Web Developers | Main | ISPs Need to Respond to Botnets »

Top Open Source Security Tools

InforWorld has announced it's top tools in a number of open source categories. There are no surprises in the security category with well known applications like Nessus (vulnerability assessment), Snort (IPS), and Spamassasin. An unexpected but welcome recognition went to the Open Source Security Testing Methodologies Manual (OSSTMM) for best testing practices. The paper noted:

Although not an application per se, the OSSTMM (Open Source Security Testing Methodologies Manual) is a phenom in the security world. The OSSTMM project provides an entire testing framework for security throughout the enterprise, including physical security, information security, Internet and wireless security, even security against fraud and social networking attacks. The OSSTMM provides a method for quantifying risk and an excellent foundation for security testing best practices. The project offers testing templates, intense community support, and a first-rate architect in Pete Herzog, scoring our Bossie for security testing best practices.

Congratulations to the OSSTMM team.

Tags:              
 Email This!  Digg it!  Sphere it!  Del.icio.us  Reddit!  Newsvine

Posted by Dan Sullivan on September 11, 2007 1:13 AM |

TrackBack

TrackBack URL for this entry:
http://www.realtime-websecurity.com/type/mt-tb.cgi/421

Post a comment

(All comments are approved by site leader before appearing here. Thanks for commenting!)

Search

line

Most Active Posts

line

Library Resources

line
line

Recent Posts

line

Categories

line

Latest White Papers

line

Blog Roll

line

Dan Sullivan's Bio:

Dan Sullivan is a systems architect with 20 years of IT experience that includes engagements in enterprise security, application design, and systems architecture. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. Dan’s security-related project work has ranged from requirements analysis for enterprise information security to designing and implementing security for database applications and enterprise portals. Dan has written about information security and other enterprise information management topics for Business Security Advisor, DM Review, Intelligent Enterprise, and E-Business Advisor. You can contact Dan at: dan_sullivan@realtimepublishers.net