| Industry Site |
Summary |
| Audit Net |
The mission of AuditNet® is to develop a complete "utility" on
the World Wide Web for audit related information, products, and
services. AuditNet® is a communications network for auditors
and professional associations. |
| Aleph One |
Smashing the stack for fun and profit. |
| Aleph One. BugTraq |
Frequently asked questions |
| Biometric Consortium |
The Biometric Consortium serves as a focal point for research,
development, testing,
evaluation, and application of biometric-based personal identification/verification
technology. |
| Check Point |
End-to-end Internet security architecture that connects and protects
employees, offices and network resources. |
| Cigital Security |
Cigital developed ITS4 to help automate source code review for
security. ITS4 is a simple tool that statically scans C and C++
source code for potential security vulnerabilities. |
| CISCO (Academy Collection) |
The Cisco Networking Academy Program is a comprehensive e-learning
program, which provides students with the Internet technology skills
essential in a global economy. |
| Certified Information Systems Security Professional |
CISSP Certification was designed to recognize mastery of an international
standard for information security and understanding of a Common
Body of Knowledge (CBK). |
| Computer Technology Industry Association |
(CompTIA), has been dedicated to advancing the growth of the
information technology (IT) industry and those working within it. |
| Crispin Cowan et al |
StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow
Attacks. |
| Industry Site |
Summary |
| David A. Wheeler
|
Secure programming for Linux and Unix how-to.
|
| eSecurity OnLine
|
eSecurityOnline LLC, is a leading
provider of risk management solutions that enable companies
to proactively protect their IT assets from external attacks
and other security threats.
|
| Gartner
Research
|
Gartner, Inc. is a research
and advisory firm that helps more than 10,000 clients leverage
technology to achieve business success.
|
| Generally
Accepted System Security Principles
|
(GASSP) - The International
Information Security Foundation (I2SF) - Sponsored Committee
to Develop and Promulgate Generally Accepted System Security
Principles.
|
| Gibson Research Corporation |
Provides self-help resources and tools for computer
security. |
| Hello World! April, 1999 |
Attack Class: Buffer Overflows |
| Herman ten Brugge |
Bounds checking patch for gcc |
| ICSA Labs |
TruSecure-including ICSA Labs, is the leading provider of
intelligent risk management products and services.
|
| Institute
of Electrical and Electronics Engineers (IEEE) |
The Society is dedicated to advancing the theory, practice,
and application of computer and information processing technology. |
| Industry Site |
Summary |
|
InfoSec and InfoWar
|
Bulletin board consisting of
many types of security issues.
|
| Internet
Security Alliance
|
To use the collective experience
of the members of the Internet Security Alliance to promote
sound information security practices, policies, and technologies
that enhance the security of the Internet and global information
systems.
|
| Information
Systems Audit and Control Association
|
Global organization for information
governance, control, security and audit professionals.
|
| International
Information Systems Security Certification Consortium (ISC2)
|
(ISC2) is the non-profit
international leader dedicated to training, qualifying and
certifying information security professionals worldwide.
|
| Internet
Security Systems
|
Internet Security Systems (ISS)
is the trusted expert to large enterprises and world governments
providing products and services that guarantee protection against
Internet threats.
|
| Masie
Center
|
The MASIE Center is an international
e-lab and ThinkTank. The Center is dedicated to exploring the
intersection of learning and technology.
|
| Mib Software |
Libmib allocated string functions |
| Microsoft.com/Security |
Microsoft's security site which provides updates,
virus alerts and additional security information. |
| Industry Site |
Summary |
| Microsoft Developer Network
|
MSDN Developer Centers pull together content and resources around specific products and technologies. They connect you to code samples, community sites, technical articles and documentation, upcoming events, and much more.
|
| National Cybercrime Training Partnership
|
NW3C Cybercrime Advisory Board, met and drafted a number of recommendations which were sent to the National White Collar Crime Center's Board of Directors for appropriate consideration.
|
| Passport
|
Passport is an online service that makes it possible for you to use your e-mail address and a single password to sign in to any .NET Passport-participating Web site or service.
|
| Privacy
|
Microsoft's security site which provides updates, virus alerts and additional security information.
|
| Microsoft Product Support Service |
Microsoft's online help and support, which includes a knowledge base, downloads & updates and customer support services. |
| Rafal Wojtczuk
|
Defeating Solar Deisgner non-executable stack patch.
|
| Rational
|
IBM Rational® PurifyPlus is a runtime analysis solution designed to help developers write faster, more reliable code.
|
| SANS Institute |
The SANS Institute enables more than 156,000 security professionals, auditors, system administrators, and network administrators to share the lessons they are learning and find solutions to the challenges they face. |
| Search Security |
Provides comprehensive news, links, and online resources to help you secure your company's networks, data, web sites, and hardware. |
| Industry Site |
Summary |
| SecurityFocus
|
DeepSight Threat Management Systems and Alert Services which provide customers with the most comprehensive, proactive early warning system across the broadest range of threats.
|
| Security Space
|
Provide on-line network security auditing services network monitoring services Internet Research reporting, integrated web solutions and application development for secure data transactions.
|
| Shared Source Initiative
|
Microsoft is sharing source code with customers, partners, governments, and competitors.
|
| Solar Designer
|
Linux kernel patch from the Openwall project.
|
| Systems Security Certified Practitioner
|
SSCP Certification was designed to recognize an international standard for practitioners of information security [IS] and understanding of a Common Body of Knowledge (CBK).
|
| System Experts |
Founded in 1994, SystemExpertsTM is a provider of network security consulting services. |
| TechNet
|
TechNet's security resources include advanced procedures and tools to help network adminstrators manage security solutions in the enterprise.
|
| TechRepublic
|
TechRepublic is dedicated to building the best IT community on the Web.
|
| Vendicator |
Stack Shield is a tool for adding protection to programs from these kind of attacks at compile time without changing a line of code.
|