Dig Security together —— 阅读、挖掘、评论,安全共进步。


Join
Login
Submit Story

Categories

View All
Alert
- Applications security
- Bugtraq
- Exploit from milw0rm
- Exploit from packetstorm
- SANS Handler's Diary
- Virus
- WHID
Attack Vector
- ActiveX
- Botnet
- Data loss
- DDoS
- Emerging Threat
- Iframe
- Insider
- Phishing
- Privacy
- Web defacement
- XSS
Cyber-War
Material
- Ebook
- Podcast
- Security Cartoon
- Tools
Olympics
People
- Why
- zhaol
Sector-Specific
- Banking, Finance & Insurance
- E-commerce & Retail
- Educational Institutions
- Energy, Power & Utilities
- Enterprises
- Government
- Telecommunications
Security Giant
- Cisco
- Google
- IBM
- Microsoft
- NSFOCUS
- Symantec
Security Industry
- Cloud
- Conference
- Jobs
- News
- startup
- web2.0
Security Services
- Incident Response
- ISMS
- IT Audit
- Regulatory Compliance
- Risk Management
- Security Awareness
- Threat Management
- Vulnerability Management
Standard
- BS 25999
- BS 31100
- CMMi
- COBIT
- ISO 20000
- ISO 27001
- ISO 38500

Tag Cloud
IT Audit


1
digs
Free Checklist for Auditing Web Servers
submitted by wanghongyang 425 days ago (via desktopauditing.com)
Verify that the web server is running on a dedicated system and not in conjunction with other critical applications. Verify that the web server is fully patched and updated with the latest approved code. Determine if the web server should be running additional tools to aid in the protection of the web server.
 
0 Comments - More Info - Bury   Topic: IT Audit
2
digs
IT Governance Global Status Report
submitted by guozi 696 days ago (via isaca.org)
From July until October 2007 a survey reaching members of the C-suite was conducted to determine their sense of priority and actions, as well as tools and services needed, relative to IT governance.
 
1 Comments - More Info - Bury   Topic: IT Audit
1
digs
PHP Source Auditor 4 released
submitted by wanghongyang 666 days ago (via iron.randombase.com)
PSA4 is a Perl script that connects to your local webhost and scans all files (recursively) in the www root, for vulnerabilities. It scans for: 1. Remote File Inclusion 2. Remote Command Execution 3. Remote Code Execution 4. Cross Site Scripting 5. SQL injection 6. Local File Inclusion
 
0 Comments - More Info - Bury   Topic: IT Audit
1
digs
Create Your Own Security Audit
submitted by wanghongyang 660 days ago (via itsecurity.com)
The following are 10 steps to conducting your own basic IT security audit. While these steps won't be as extensive as audits provided by professional consultants, this DIY version will get you started on the road to protecting your own company.
 
0 Comments - More Info - Bury   Topic: IT Audit
1
digs
CISA FAQ published
submitted by wanghongyang 633 days ago (via peterhgregory.wordpress.com)
The fulfillment of a two year vision has been realized: the publication of a comprehensive "frequently asked questions" (FAQ) site dedicated to the CISA (Certified Information Systems Auditor) certification.
 
0 Comments - More Info - Bury   Topic: IT Audit
1
digs
SAS 70 Overview Presentation & History of SAS 70
submitted by wanghongyang 633 days ago (via sas70.us.com)
Originally put forth in 1992 as Statement on Auditing Standards No. 70, SAS 70 has a long and unique history, dating back to previous auditing standards Learn about its history and down load SAS 70 sample reports to read. These reports will give you an excellent understanding of the auditing standard, especially SAS 70 Type II reports.
 
0 Comments - More Info - Bury   Topic: IT Audit
1
digs
What is SAS 70? | News and Information on SAS 70 Audits
submitted by wanghongyang 633 days ago (via sas70.us.com)
Learn about important information regarding SAS 70 Type I and Type II audits. Helpful information on the history of SAS 70 audits, benefits, criticism, pricing, other important facts, a road map for SAS 70 compliance, along with a helpful glossary of terms for understanding statement on auditing standards no. 70.
 
0 Comments - More Info - Bury   Topic: IT Audit
1
digs
SAS 70 Audits | Learn All About Type I and Type II Reports
submitted by wanghongyang 633 days ago (via sas70.us.com)
Authoritative, in-depth resource center providing educational content on SAS 70 Type I and Type II audits. A white paper section, industry news, blogging forum, and the ability to download SAS 70 sample reports are all part of this highly informative resource center for SAS 70 audits. Users can also choose the SAS 70 download available option.
 
0 Comments - More Info - Bury   Topic: IT Audit
1
digs
List and review of desktop auditing tools
submitted by wanghongyang 623 days ago (via securityprocedure.com)
Desktop auditing tools list and review
 
0 Comments - More Info - Bury   Topic: IT Audit
1
digs
List of SAP R/3 Security Table
submitted by wanghongyang 623 days ago (via saplib.com)
List of SAP R/3 Security Table for Audit purpose
 
0 Comments - More Info - Bury   Topic: IT Audit






©2008 2sec.org - All content for this site is under a Creative Commons license
About us  |  Contact us  |  FAQ  |  Feedback  |  Links  |  京ICP备07018489号