The CERT/CC is part of the Software Engineering Institute at Carnegie Mellon University Improving Security
CERT® Coordination Center

 Home | What's New | FAQ | Site Contents | Contact Us

Alerts | Improving Security | Education and Training | Reports | Survivability Research | About Us | FTP Archives | Other Resources
Implementation Details

Maintaining currency by periodically reviewing public and vendor information sources 
Applies to the practice:
Establish a policy and procedures that prepare your organization to detect signs of intrusion

Applicable technologies:
UNIX, Windows NT, HP, Sun 
 
There are a rich set of information sources available to you for staying current on emerging intruder trends, attack scenarios, security vulnerabilities, methods for their detection, and guidance to address them. You need to ensure that you set aside time on a daily basis to review and, potentially, take action based on the knowledge and guidance provided in these  information sources. 
General security information Both broad and detailed information on a wide range of information, computer, and network security topics can be found at www.cert.org/other_sources/other_teams.html and include the following: 
  • AUSCERT    Australian Computer Emergency Response Team 
  • CERT/CC     Computer Emergency Response Team Coordination Center
  • CIAC            Computer Incident Advisory Capability
  • COAST         Computer Operations Audit and Security Technology
  • DFNCERT    German Computer Emergency Response Team
  • FIRST            Forum of Incident Response and Security Teams
  • SANS            SANS Institute
  • USENIX        Advanced Computing Systems Association
  • Security Reference Index maintained by Telstra
 
Security fixes and patches Monitor security fixes and patches that are produced by the vendors of your equipment and obtain and install all that apply.
Advisories Subscribe to advisories that are issued by various security indicent response teams and update your systems against those threats that apply to your site's technology.  Sites that publish such advisories include: 
Mailing lists and USENET newsgroups Read relevant mailing lists and USENET newsgroups to keep up to date with the latest information being shared by fellow administrators.
Security tools It is important to regularly review sites that contain a wide range of useful and publicly available security tools.  These include:  See also the security improvement practice Identify and install tools that aid in detecting signs of intrusion and the supporting implementation Identifying tools that aid in detecting signs of intrusion
SEI Home Copyright 1999 Carnegie Mellon University
CERT is registered in the U.S. Patent and Trademark Office.
Page revised: January 18, 1999
URL: http://www.cert.org/security-improvement/implementations/i040.01.html