Tag Archives: tools

The Analytic Staircase for Auditors

analytic staircase stepsBuilding a successful audit analytics program is like climbing a staircase.

The staircase is a set of steps that consist of several items having increasing levels of maturity.

The staircase steps not only help you build your program, but enable you to measure that maturity.

As you view the staircase graphic, mentally insert the word “analytics” before each step.

Continue reading

3 Comments

Filed under ACL, Audit, Data Analytics, How to..., Technology, Written by Skyyler

Free CEH/Shon Harris Videos

Shon Harris is offering FREE Certified Ethical Hacking (CEH) videos for online viewing. According to Harris, all the videos together are over 25 hours long.

The videos are listed below and can be viewed at www.logicalsecurity.com/resources/resources_videos.html.

So what’s the catch? Make sure you read this entire post before you leap!

Leave a comment

Filed under Audit, Free, How to..., Security

Free/Cheap Monitoring Tools (SANS)

In case you missed it, the Internet Storm Center had a great post the other day, asking readers:

Continue reading

Leave a comment

Filed under Free, Security

May = Audit Awareness Month

Did you know that it’s Internal Auditing Awareness Month? More importantly, do you care?

If so, check out this IIA website for ideas, tools, and resources for promoting an internal audit group near you.

Continue reading

Leave a comment

Filed under Audit

New Nmap/SecTools.org Survey

[ W A R N I N G :  The following links are often categorized by web filters as Hacking links, but only because the tools on this website are used by crackers as well as auditors and security analysts. This is a safe website, but the “watchers” at your workplace or school may not agree – BEWARE.]

UPDATE: The results of the new survey have been released...

SecTools.org is running their every-few-years survey that will “guide Nmap development and also enable a brand new and much-improved overhaul of SecTools.Org.”

Continue reading

Leave a comment

Filed under Security

Quote of the Weak (Blueberries?)

I was at Menards getting ready for my new garden (see my other Menards adventure). As I was checking out, the cashier scanned a blueberry plant that was packaged in a large paper cup, with a small cluster of leaves poking out the top.

Continue reading

Leave a comment

Filed under Quote of the Weak

Save Your Blog!

If you’re a blogger, have you saved your blog lately?

WordPress makes it easy. Here’s how to do it if you have a free blog:

Continue reading

Leave a comment

Filed under Blogging, How to...

What Needs to be on a GOOJ Card?

If you probe networks, systems, and applications, you need a GOOJ card to protect yourself and your job.

In How to Stay Out of Jail, I recommended that anyone who scans, probes, or pokes networks, systems, or devices should always carry a get-out-of-jail (GOOJ) card. I also provided some reasons why such a card is critical.

Continue reading

9 Comments

Filed under Audit, How to..., Security, Technology

How to Stay Out of Jail

If you work in information security or IT audit (and I don’t mean IT SOX audit), I’d advise you to carry a “get-out-of-jail” (GOOJ) card at all times. In short, get permission before you do your dirty work.

Continue reading

4 Comments

Filed under Audit, Security