(ISC)² CISSP Security certification

Security Configuration Guides - hardware, OS, applications

SANS Institute - security policies * TOP SITE *

Privacy Rights ClearingHouse

ASIS International - CPP certification

Internet Storm Center - intrusion detection log reports

InfraGard - information sharing (government & business)

Information Systems Security Association (ISSA)

Center for Internet Security - methods, tools, and measures

Alerts, Advisories, and summaries - corrective measures

CERT Virtual Training Environment Public Access (Training)

US Computer Emergency Readiness Team (est. 2003)

List of Common Vulnerabilities and Exposures (CVE)

Trusted Assessment/Evaluation Program (TTAP/TPEP)

Rainbow Series Library (DoD Guides/Criteria)

UK ITSEC / Common Criteria Assurance

European Union (EU) ITSEC / Common Criteria and Methods

Common Criteria (CC) Support Environment

Security Forum - Open Group

Computer Security Institute

Honeynet Project - OpenSource research (Linux CD)

Security infrastructure monitor - Framework

Network Security Library (Policies / Rainbow)

Security Web Site

Radius protocol server, Demon for UNIX OS

OpenLDAP software, Java LDAP class libraries

Kerberos Network Authentication Protocol

IP Video Surveillance News and Reviews

Biometric Consortium

VOIP Security Alliance - VoIP Tools

.

Google Hacking Database (GHDB)

Geographic IP address locator

Network security - Log Analysis, Net Monitoring

Audit log & Syslog receiver - Windows (OpenSource)

IPS Testing - Bidirectional replay saved tcpdump dumpfiles

Windows password cracking software

Web application security assessment tool

Password security explorer (Audit tool)

Network security related tools / projects

Open source security - MSyslog (Python)

Immunity security - (GNU) Public Software

Security tool - NMAP distribution

TL Security - List of backdoors and Trojans

Security / Cryptography / Reference software

Live Ammo Security - Tools / Services

WLAN, Bluetooth and bootable Auditor ISO CD

eEye SecureIIS Firewall / Security Scanners

UNIX remote security scanner, (Client/Server) - Free (*)

Security & Hacking Community resources

Extensive data recovery / forensic tools

Network Infrastructure Parser (NIPPER) - open source

Wireless Client Security Tools - KARMA

.

SSH Protocol creator - tech information

OpenSSH encryption terminal session tools - secure telnet, ftp

SSH clients/Servers - Windows, UNIX, Java, Others

Building Linux SSH jump points - Instructions

.

PKI and trusted Certificate Authorities (CA) Listing

Certificate Authority (CA) - Thawte (SSL)

.

MIT Freeware distribution center PGP site - Encryption

Library of SECURITY information

National Center for Education Statistics - Safeguarding IT

About.com - Network Security

Security information relating to locks and safes

Fred Cohen & Associates - Strategic Security & Intelligence

IWS - Information Warfare Site - Security Issues

A Cryptographic Compendium

AES encryption, encodes into the background of other files

Information Security Resources - Idaho State University

Security Portal for Information System Security

Provides cryptography technology & services to companies

AES algorithm (Rijndael) information - NIST

SKIP - Simple Key Management for Internet Protocols

Security news, vulnerabilities and many tools

Security Risk Analysis information / software

National Security Institute - Reference Library

Bureau of Industry and Security - US Dept of Commerce

Interpol - Information Security crime section

DSS - Defense Security Service (DoD agency)

XSS (Cross Site Scripting) Cheat Sheet (filter evasion)

.

NIST - Computer Security Resource Center (CSRC)

NIST - Computer Forensic Tool Testing Program (CFTT)

NIST - ICAT Vulnerability Searchable Metabase

NIST - online NIST Security Assessment Tool

NIST - Security PDF Publications

.

Disaster Recovery World - Impact / Planning

DRI (Disaster Recovery) International

Disaster Recovery Journal

SUNGARD Availability Services

IBM Business Continuity and Recovery Services

FEMA Business Recovery Checklist

.

McAfee Antivirus Software & IPS

Sophos Antivirus, Anti-spam

Trend Micro - Antivirus, Anti-Spam

Symantec "Norton" Antivirus, anti-spyware, endpoint

F-Secure Antivirus and security tools

CA Antivirus Enterprise "eTrust"

AVG Free Antivirus & Antispyware

Anti-spyware product, scans in real time

Another Anti-spyware product

Anti-Malware - freeware

AV-Test testing lab - independent

Free Antivirus and Anti-Malware resources

raw (i.e. dd, 512-bytes), Expert Witness EWF (i.e. EnCase)

AccessData Forensic Toolkit (FTK)

ASR Data SMART - Storage Media Analysis Recovery Toolkit

Basis Technology - Odyssey Digital Forensics

The Coroner's Toolkit (TCT) - UNIX system tools

Guidance Software - EnCase

John the Ripper - password cracker (open source)

Logic Cube - Forensic Dossier (Drive Duplication)

Online Digital Forensic Suite (live computers)

Paraben P2 - Handheld devices

Scalpel - file carver

Sleuth Toolkit (command lines) - open source

X-Ways Forensics

Helix - Detect, Identify, Analyze, Preserve and Report

.

US Copyright Office - Library of Congress

US Patent and Trademark Office - Dept Commerce

Electronic Frontier Foundation (EFF)

.

Database auditing / assessment - AuditDB

Database security / monitoring - appliance based

Database Activity Monitoring - SecureSphere

Database Activity Monitoring - Mantra

Database auditing - DB Audit

Database auditing/alerting - SQL Compliance Manager

Database Activity Monitoring - NitroView DBM

Database Audit Controls - IPLocks Audit Control

Hedgehog Real-Time Database Monitoring

.

CheckPoint Firewall-1/VPN software vendor

Independent CheckPoint Firewall/VPN FAQs, Links, downloads

Microsoft Internet Security & Acceleration Server (ISA)

Cisco PIX 500 Series Firewalls

Cisco PIX software LOG messages (Ver 6) PDF

Mission Critical Systems - Security Vendor

.

Network Management/Security software tools

Security software and services

Application Security - Fortify

Abagnate - Anti-Check Forgery

Security training/compliance - "For Your Eyes Only"

AirMagnet's wireless LAN planning / management tools

Security products - enVision, SecureID, ...