Good Information Security Resources

The month of Apple Bugs is just about over with, and the Month of Kernel bugs is over with, but still the zero day tracker keeps on plugging along and giving out some interesting information that is of a lot of use. Zone H still keeps tracks of when systems get defaced, P2P Net (although unknown for how much longer) keeps track of DRM, and a host of other specialist separated systems keep track of what is happening in information security. While we all have those things that we use on a regular basis, some are the best places to get good information. Statistics are compiled by just about everyone, all the AV vendors keep track of what the vulnerabilities are, but McAfee has the most user friendly set of AV stats, and regular reports that you don't have to pay for to find out what is happening in the world of Anti virus that is pretty much so devoid of marketing spin. http://www.zone-h.org/ today. Eye Zero Day Tracker has some interesting information on what vulnerabilities are still out there that have no patches, and could be exploited. From a statistical viewpoint, keeping tabs on the number of days of exposure is excellent for those folks who want to know how long it takes to really patch something. They can be found at http://projects.info-pull.com/moab/ General Security Statistics - one of the interesting things about statistics is that their data is usually dubious. So finding good statistics that do not look like they are biased is something that when you find it, you keep on going back. Alladin has some of the best information security statistics that I have seen in a while. They can be found at http://www.internetpulse.net/Main.aspx?Metric=PL and is another one of those really good tools to have at your disposal. Is the line slow today because of a network issue or because of bubba and his backhoe? This is the place to find out what the cause is. Internet Storm Center at Comments Add to Del.icio.us | Digg | Reddit | Furl Bookmark Murdok: I am in no way representative or compensated by anyone for this article. There are some tools that are just too good to pass up, and in information security knowing is the battle (with apologies to GI Joe). Dan Morrill has been in the information security field for 18 years, both civilian and military, and is currently working on his Doctor of Management. Dan shares his insights on the important security issues of today through his blog, ITtoolbox blogging community