BACK to Blog

Security links [11.6.2009]

(My 10+ years worth of security bookmarks, actually. New links added frequently, hardly never cleaned. Lots of outdated and broken links).

News & portals
Magazines & Newsletters
Terms
Papers, presentations
Online books
Discussions, Mailing lists
Known Bugs, Warnings
Advisories
Guidelines
Standards
Laws
Awareness
Risk Management
Security Management
Identity, Authentication and Access Management
Disaster Recovery, Business Continuity
Organizations
Conferences
Surveys, stats
Software security
Intrusion Detection Systems
Penetration testing
Public Key Infrastructure
LDAP, Directories
Virtual Private Networks
Firewalls
Crypto
Biometrics
Unix
Windows
Mobile & Wireless 
Ethics
Privacy
Incidents, exploits, hacks, vulnerabilities 
Hackers, crackers, script-kiddies
Infowar, Hactivism
"Traditional Security"
People
Fun
Blogs & Podcasts

   What's new (most recent first)

    1. State of the CSO 2009 
    2. OWASP Live CD for Web Application Security
    3. Security Twits
    4. FindBugs - Find Bugs in Java Programs
    5. Finanssialan Keskusliiton Pankkiturvallisuus-sivusto (finnish)
    6. Tietosuoja-lehti (finnish)
    7. Microsoft Cloud Security Whitepaper 
    8. U.S. National Checklist Program
    9. Web Application Security Scanner Evaluation Criteria
    10. H*Commerce: The Business of Hacking You
    11. Penetration Testing Framework
    12. KPMG 's 2009 IT Internal Audit Survey 
    13. Awareness videos
    14. Thesis: Organisational and Cross-Organisational Identity Management 
    15. Cloud Security Alliance
    16. Security Guidance for Critical Areas of Focus in Cloud Computing 
    17. Using Science to Battle Data Loss: Analyzing Breaches by Type and Industry 
    18. Resources for Secure Software Engineering from Security Compass 
    19. OWASP Podcast
    20. Outpost24: Cyber Criminality 
    21. US Congress PCI hearing: Do the Payment Card Industry Data Standards Reduce Cybercrime?
    22. Building a Web Application Security Program 
    23. OWASP Security Spending Benchmarks Project Report 
    24. Above the Clouds: A Berkeley View of Cloud Computing 
    25. Casaba Security's Watcher tool for Web Security Auditing and Testing
    26. HP SWFScan Flash Security Scanner
    27. Microsoft Security Research & Defense blog
    28. Tietoturva ry 10 vuotta - kerhosta Suomen suurimmaksi tietoturvayhdistykseksi (finnish)
    29. Understanding Uncertainty
    30. The Building Security In Maturity Model (BSIMM)

News & Portals

Magazines & Newsletters

Terms, FAQs

Papers, presentations

Online books, guides

Discussions, Mailing-lists

Known Bugs, Warnings

Advisories

Guidelines

Standards and "standards"

    Common Criteria / ISO 15408

    BS7799 / ISO17799 / ISO 27000

PCI

Laws, directives, etc.

    General

    Finnish Laws

    EC

Awareness

Risk Management

    Methods  & tools

Security Management

Identity, Authentication and Access Management

Disaster Recovery, Business Continuity

Organizations

    CERT

Conferences, seminars

 
Surveys, stats

Software security

    Databases

    Design 

    Programming

    Examples, known problems

  Testing

    Tools -free

    Tool - commercial

    Web Services, XML security

    Intrusion Detection Systems

    General

    Articles, papers, presentations

    Commercial tools

    Free tools

    Trojans, vulnerabilities, port numbers

    Analysis

    Snort

    Snort-based commercial products

     Incident handling & forensics

Penetration testing

    General    

    Commercial tools

    Free tools   

Public Key Infrastructure

    General

    Articles, papers, presentations

    Finnish Electronic Identity (fineid)

    Tools

LDAP, Directories

    General

    Articles & presentations

    Meta-directories

    Commercial Products

    Free tools

Virtual Private Networks