Hack The Planet

Because if you don't, who will?

Wednesday, December 3, 2008

Visibility

Thought for the day:

If I don’t know about an issue, it can’t hurt me.

This seems to be a major factor in many companies overall security policy. Management has a responsibility to keep costs down and one way to do that is ignore issues until something bad enough happens for them to open their wallets.

For the person in charge of securing the data and systems on the network this is a very big headache. How can this security person be able to perform their job adequately without the proper tools or people? The correct answer is that they can’t. This person has to make it clear to management what issues they are seeing and why it is critical that they get resolved.

To do this you need to have visibility into your network and the ability to present that to your management team. Where do you find the tools or resources to do this though? The internet of course.

www.secviz.org

www.nmap.org

www.nessus.org

www.stillsecure.org

www.snort.org

www.darknet.org.uk

All of these give you free options to help build visual evidence to deliver to the management team. It is hard to keep your head in the sand when someone keeps clearing it away.

posted by holliday at 12:52 pm  

Powered by WordPress