Penetration Testing mailing list archives
RE: Is there any way to measure IT Security??
From: "Craig Wright" <cwright () bdosyd com au>
Date: Fri, 29 Jul 2005 09:17:16 +1000
17799 - part2 SANS have a few measures The NSA and NIST methodologies are good ITOL COSO COBIT Lots and the list goes on.... Craig -----Original Message----- From: Larry Marin (Irony Account) [mailto:irony () trini org] Sent: 29 July 2005 2:30 To: Toto A Atmojo Cc: pen-test () securityfocus com; security-management () securityfocus com; secpapers () securityfocus com; focus-linux () securityfocus com; libnet () securityfocus com; firewalls () securityfocus com; security-basics () securityfocus com Subject: Re: Is there any way to measure IT Security?? You should check out NSA IAM/IEM Methodology...it works well for me. http://www.iatrp.com/iam.cfm Toto A Atmojo wrote:
Dear all, Currently I'm looking for a tool, or a technique to measure IT
security?
The baseline for security is CIA (Confidentiality, Integrity and Availability), that is every organization which want to called secure must be guarantee that their system comply this matter. But the problem is, we need a tool/technique to measure how secure are
we. Therefore, wee need a tool/technique to measure how close that our
system status now to CIA. Please share your experience about this matter. If there any link about this issue, I really appreciate if you share to us (You may contact me privately) . Best Regs, Toto
Current thread:
- Re: Is there any way to measure IT Security?? Larry Marin (Irony Account) (Jul 28)
- RE: Is there any way to measure IT Security?? Jose Varghese (Jul 29)
- <Possible follow-ups>
- RE: Is there any way to measure IT Security?? Craig Wright (Jul 28)