Security Links
News and Blogs
Schneier on Security
University of Cambridge Security Blog
Tao Security: Richard Bejtlich on FreeBSD, network security monitoring, incident response, and network forensics
Securiteam Security News/
Steve Bellovin's Blog
Security News from SANS
http://ha.ckers.org/blog
1 Raindrop: Gunnar Peterson's blog
Fortify Software's Blog
DoD's Information Assurance Technology Analysis Center
Freedom to Tinker
Donna's SecurityFlash
Jon Udell
News.com Security Blog
Security Fix
Wired Magazine's Security News Page
SilverStr's Blog
Conferences
USENIX
IEEE Symposium on Security and Privacy
ACM Computer and Communications Security Conference
Journals and Research Resources
NIST's page of security-related documents open for review and/or comment
Ross Anderson's Research Page
CiteSeer Search Engine for Journal Articles
History and Reference
NIST's page on the History of Security
Assorted Interesting Links
http://afiwcweb.lackland.af.mil/offices/iwb/Index/iwb.cfm
http://appserv.gcn.com/cgi-bin/udt/im.display.printable?client.id=gcn_daily&story.id=40284
http://appserv.gcn.com/forum/qna_forum/38121-1.html
http://arstechnica.com/news.ars/post/20070422-child-porn-case-shows-that-an-open-wifi-network-is-no-defense.html
http://blogs.csoonline.com/agile_software_development?source=nlt_csoupdate
http://blogs.spectrum.ieee.org/riskfactor/2007/09/just_being_inquisitive.html
http://blogs.technet.com/swi/default.aspx
http://blogs.zdnet.com/BTL/?p=5150&tag=nl.e539
http://blogs.zdnet.com/Ou/?p=392&tag=nl.e539
http://blogs.zdnet.com/Ou/?p=485&tag=nl.e539
http://blogs.zdnet.com/security/?p=15&tag=nl.e589
http://blogs.zdnet.com/security/?p=698&tag=nl.e539
http://community.corest.com/~gera/InsecureProgramming/
http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=9051202&pageNumber=2
http://enterprisenetworksandservers.com/monthly/art.php?2083
http://felinemenace.org/ --- OSX Exploitation, in case it's not readily apparent
http://generaldynamics.com/
http://government.zdnet.com/?p=3049
http://government.zdnet.com/?p=3284
http://government.zdnet.com/?p=3308
http://government.zdnet.com/?p=3312
http://govexec.com/story_page.cfm?articleid=36681&dcn=todaysnews
http://ia.gordon.army.mil/iaso/references.htm
http://iase.disa.mil/
http://iase.disa.mil/ditscap/application.htm#c3.4.8
http://iase.disa.mil/policy-guidance/index.html
http://isc.sans.org//port_details.php?port=2222
http://konstantin.beznosov.net/doc/talks/presentation-eXtreme_Security_Engineering.pdf
http://msdn.microsoft.com/security/securecode/default.aspx
http://news.bbc.co.uk/2/hi/entertainment/7174760.stm
http://news.zdnet.com/2100-1009_22-6143003.html?tag=nl.e539
http://news.zdnet.com/2100-1009_22-6147097.html
http://news.zdnet.com/2100-9595_22-5995089.html?tag=nl.e539
http://news.zdnet.com/2102-9595_22-6036951.html?tag=printthis
http://online.wsj.com/article/SB118539543272477927.html?mod=bolcrnews
http://online.wsj.com/article_email/SB118636235144388688-lMyQjAxMDE3ODA2NjMwNjYyWj.html
http://rdist.root.org/
http://searchsecurity.techtarget.com/expert/KnowledgebaseAnswer/0,289625,sid14_gci1210702,00.html?track=NL-102&ad=563345&asrc=EM_NLN_529204&uid=1356318
http://searchsecurity.techtarget.com/expert/KnowledgebaseAnswer/1,289625,sid14_gci1140609_tax301709,00.html?track=NL-108&ad=536432USCA
http://searchsecurity.techtarget.com/general/0,295582,sid14_gci1075697,00.html?track=NL-108&ad=512356USCA
http://searchsecurity.techtarget.com/general/0,295582,sid14_gci1144618,00.html?track=NL-108&ad=534108USCA#intro
http://searchsecurity.techtarget.com/general/0,295582,sid14_gci1172886,00.html?track=NL-108&ad=545657
http://searchsecurity.techtarget.com/generic/0,295582,sid14_gci1094388,00.html
http://searchsecurity.techtarget.com/generic/0,295582,sid14_gci1094388_tax299833,00.html?track=NL-20&ad=540789USCA&adg=299807
http://searchsecurity.techtarget.com/generic/0,295582,sid14_gci1157443,00.html?track=NL-102&ad=541646
http://searchsecurity.techtarget.com/generic/0,295582,sid14_gci1162378_tax299833,00.html?track=NL-20&ad=540789USCA&adg=299807&bucket=REF
http://searchsecurity.techtarget.com/newsResult/1,294699,sid14,00.html?start=0&num=10&within=text&query=ISSO&ctype=ALL&x=27&y=10
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1001647,00.html?track=NL-102&ad=489688
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1153140,00.html?track=NL-102&ad=537903
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1186583,00.html
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1202369,00.html?track=NL-102&ad=557443&asrc=EM_NNL_383412&uid=1356318
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1210959,00.html?track=NL-358&ad=560771&asrc=EM_NNL_459733&uid=1356318
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1225321,00.html?track=NL-102&ad=566465USCA&asrc=EM_NLN_651540&uid=1356318
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci948726,00.html?track=NL-106&ad=504741
http://searchsecurity.techtarget.com/qna/0,289202,sid14_gci815576,00.html
http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci1158732,00.html?track=NL-431&ad=548065USCA
http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci1164096,00.html?track=NL-106&ad=543473USCA
http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci958652,00.html?bucket=ETA
http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci998664,00.html?track=NL-108&ad=512387USCA
http://searchsecurity.techtarget.com/topic/0,295492,sid14_tax300001,00.html?track=NL-108&ad=534108USCA
http://searchsecurity.techtarget.com/topics/0,295493,sid14_tax299993,00.html
http://sf-freedom.blogspot.com/
http://sparrow.ece.cmu.edu/group/pub/franklin_paxson_perrig_savage_miscreants.pdf
http://victoria.tc.ca/int-grps/books/techrev/mnbksc.htm
http://washingtontimes.com/national/20061130-103049-5042r_page2.htm
http://webapp.etsi.org/action/PU/20060801/ts_133246v060700p.pdf#search=%22%22Intruders%20may%20eavesdrop%20MBMS%20User%20Service%22%22
http://williams.comp.ncat.edu/Networks/slidesSecurity_files/frame.htm
http://www.alex-ionescu.com/
http://www.antiphishing.org/
http://www.appsecinc.com/news/events.html
http://www.atsec.com/downloads/pdf/linux-evals-reference.pdf
http://www.boston.com/business/personalfinance/articles/2007/08/21/suspect_named_in_tjx_credit_card_probe/
http://www.business.att.com/resource.jsp?repoid=ProductCategory&repoitem=eb_security&rtype=Whitepaper&rvalue=nbfw_wp&download=yes&segment=ent_biz&pl_code=MATT109C18344P510995B510993S0
http://www.business2.com/articles/mag/0,1640,47095,00.html
http://www.cdt.org/press/20060222press.php
http://www.cerias.purdue.edu/news_and_events/events/security_seminar/
http://www.cert.org/insider_threat/
http://www.cert.org/octave/
http://www.cnss.gov/
http://www.cnss.gov/full-index.html
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9006361&source=rss_topic17
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9009124&intsrc=hm_list
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9011943&taxonomyId=17&intsrc=kc_top
http://www.computerworld.com/printthis/2006/0,4814,110245,00.html
http://www.consumersunion.org/campaigns/Breach_laws_May05.pdf
http://www.cr0.org/
http://www.cscic.state.ny.us/msisac/scada/
http://www.csoonline.com/read/070106/global-culture.html?source=csoupdate
http://www.csoonline.com/read/080106/fea_accesscontrol.html?source=csoupdate
http://www.cybercrime.gov/s&smanual2002.htm#_VB_
http://www.defenselink.mil/cio-nii/
http://www.defenselink.mil/nii/org/c3is/
http://www.defenselink.mil/search/
http://www.dod.mil/nii/org/sio/ia/pki/index.html
http://www.dtic.mil/whs/directives/corres/html/81002.htm
http://www.eng.tau.ac.il/~yash/fw/index.html
http://www.eweek.com/article2/0,1895,1901965,00.asp
http://www.fas.org/irp/program/security/index.html
http://www.fcw.com/article97147-12-18-06-Web&printLayout
http://www.fcw.com/article97658-02-13-07-Web&printLayout
http://www.fcw.com/online/news/151066-1.html?topic=security
http://www.fcw.com/print/13_40/policy/150753-1.html?type=pf
http://www.fips201.com/product/view/11
http://www.fosters.com/apps/pbcs.dll/article?AID=/20070126/FOSTERS01/101260276
http://www.gao.gov/new.items/d06609t.pdf
http://www.gcn.com/blogs/tech/45389.html
http://www.gcn.com/cgi-bin/udt/im.display.printable?client.id=gcn_daily&story.id=41669
http://www.gcn.com/online/vol1_no1/40127-1.html
http://www.gcn.com/online/vol1_no1/40146-1.html
http://www.gcn.com/online/vol1_no1/40224-1.html
http://www.gcn.com/online/vol1_no1/40342-1.html
http://www.gcn.com/online/vol1_no1/41238-1.html
http://www.gcn.com/online/vol1_no1/41301-1.html?CMP=OTC-RSS
http://www.gcn.com/online/vol1_no1/42299-1.html
http://www.gcn.com/online/vol1_no1/42796-1.html?topic=security
http://www.gcn.com/online/vol1_no1/43130-1.html
http://www.gcn.com/online/vol1_no1/43189-1.html
http://www.gcn.com/online/vol1_no1/43339-1.html
http://www.gcn.com/online/vol1_no1/43362-1.html
http://www.gcn.com/online/vol1_no1/43366-1.html
http://www.gcn.com/online/vol1_no1/43443-1.html
http://www.gcn.com/online/vol1_no1/44205-1.html
http://www.gcn.com/online/vol1_no1/44521-1.html?topic=security&CMP=OTC-RSS
http://www.gcn.com/online/vol1_no1/44959-1.html?topic=security&CMP=OTC-R
http://www.gcn.com/online/vol1_no1/45114-1.html?topic=security
http://www.gcn.com/online/vol1_no1/45260-1.html
http://www.gcn.com/online/vol1_no1/45301-1.html
http://www.gcn.com/online/vol1_no1/45394-1.html
http://www.gcn.com/online/vol1_no1/45498-1.html
http://www.gcn.com/online/vol1_no1/45551-1.html
http://www.gcn.com/print/25_16/41040-1.html
http://www.gcn.com/print/25_24/41654-1.html
http://www.gcn.com/print/25_25/41716-1.html
http://www.gcn.com/print/25_29/42085-1.html
http://www.gcn.com/print/25_7/40277-1.html
http://www.gcn.com/print/26_05/43216-1.html
http://www.gcn.com/print/26_06/43300-1.html
http://www.gcn.com/print/26_06/43309-1.html
http://www.gcn.com/print/26_06/43319-1.html
http://www.gcn.com/print/26_07/43391-1.html
http://www.gcn.com/print/26_11/44309-1.html?topic=security
http://www.gcn.com/print/26_2/42957-1.html
http://www.gcn.com/print/26_2/42983-1.html
http://www.gcn.com/print/26_25/45094-1.html
http://www.gcn.com/print/26_25/45110-1.html
http://www.gcn.com/vol1_no1/daily-updates/38079-1.html
http://www.gcn.com/vol1_no1/daily-updates/38080-1.html
http://www.gdc4s.com/content/detail.cfm?item=1c3e07a4-297f-4c99-8f1a-a468c03cb3e1
http://www.gdc4s.com/content/detail.cfm?item=89002f94-d420-47bc-a0d6-f46a6495d5e1
http://www.gdc4s.com/products/index.cfm?o=brand
http://www.google.com/search?client=safari&rls=en&q=ediscovery&ie=UTF-8&oe=UTF-8
http://www.govexec.com/story_page.cfm?articleid=37256&dcn=todaysnews
http://www.heise-security.co.uk/news/91363
http://www.iatf.net/framework_docs/version-3_1/index.cfm
http://www.idtheft.gov/
http://www.indystar.com/apps/pbcs.dll/article?AID=2006610310448
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=199906038
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=201400171
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=201807613
http://www.informationweek.com/story/showArticle.jhtml?articleID=198000229&cid=RSSfeed_IWK_News
http://www.infoworld.com/article/07/05/15/isps-slam-into-wiretap-deadline_1.html
http://www.insurancejournal.com/news/west/2007/04/09/78560.htm?print=1
http://www.isa.org/MSTemplate.cfm?Section=Calendar964&Site=SP99,_Manufacturing_and_Control_Systems_Security1&Template=/Calendar/CalendarEventList.cfm&CommitteeID=6821#
http://www.isi.edu/deter/index.html
http://www.iss.net/security_center/advice/Exploits/Ports/
http://www.itaa.org/news/docs/CALEAVOIPreport.pdf
http://www.itm.iit.edu/578/
http://www.janusassociates.com/products_bioGate.htm
http://www.larstan.net/IBMLand/IBM_MLS.htm
http://www.law.cornell.edu/uscode/html/uscode47/usc_sec_47_00000230----000-.html
http://www.law.uc.edu/CCL/34ActRls/rule17a-4.html
http://www.lightbluetouchpaper.org/
http://www.matasano.com/log
http://www.monarch-info.com/
http://www.networkworld.com/news/2007/020807-rsa-cyber-attacks.html?page=2
http://www.nsa.gov/ia/academia/acade00001.cfm
http://www.nsa.gov/ia/academia/cnsstesstandards.cfm
http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security
http://www.ocregister.com/news/kim-numbers-affairs-1924451-security-social
http://www.pcworld.com/article/id,128887-c,techrelatedlegislation/article.html
http://www.privacyrights.org/ar/ChronDataBreaches.htm
http://www.privoxy.org/
http://www.pulltheplug.org/projects/index.html
http://www.realtime-itcompliance.com/information_security/2007/01/insider_threat_example_medco_e.htm
http://www.rfidvirus.org/
http://www.sandpiperdata.com/Sandpiper_Email_Legal_Issues_2003.pdf
http://www.sans.org/reading_room/whitepapers/incident/631.php
http://www.sans.org/resources/policies/#primer
http://www.schneier.com/blog/
http://www.scmagazine.com/features/index.cfm?fuseaction=featureDetails&newsUID=079979b0-5465-4eee-a397-3b35b752d2bb
http://www.scmagazine.com/home/index.cfm
http://www.secondaryscreening.net/static/archives/book_reviews/
http://www.securitydocs.com/
http://www.securityfocus.com/columnists/423
http://www.smh.com.au/news/security/botmaster-faces-60-years-behind-bars/2007/11/10/1194329553240.html
http://www.techweb.com/wire/184417500
http://www.techweb.com/wire/184429050
http://www.theregister.co.uk/2006/12/13/ubs_logic_bomber_sentenced/print.html
http://www.theregister.co.uk/2007/06/19/webmail_wiretaps_appeal/print.html
http://www.theregister.co.uk/2007/11/09/botmaster_to_plea_guilty/print.html
http://www.timesonline.co.uk/article/0,,2087-2383227,00.html
http://www.usdoj.gov/04foia/04_7_1.html
http://www.usdoj.gov/04foia/1974ssnu.htm
http://www.usdoj.gov/criminal/cybercrime/1030NEW.htm
http://www.voipsa.org/
http://www.vontu.com/products/default.asp#Top
http://www.washingtonpost.com/wp-dyn/content/article/2006/04/04/AR2006040401727_pf.html
http://www.washingtonpost.com/wp-dyn/content/article/2006/10/23/AR2006102301257.html
http://www.washingtonpost.com/wp-dyn/content/article/2006/11/28/AR2006112801686.html?nav=rss_business
http://www.washingtonpost.com/wp-dyn/content/article/2006/12/25/AR2006122500483.html
http://www.washingtonpost.com/wp-dyn/content/article/2007/01/15/AR2007011501301.html?referrer=email
http://www.whitehatsec.com/home/resource/resource.html
http://www.wifialliance.com/OpenSection/protected_access.asp
http://www.wired.com/news/technology/0,70524-0.html?tw=wn_index_1
http://www.zdnetasia.com/news/security/printfriendly.htm?AT=61976560-39000005c
http://www2.csoonline.com/blog_view.html?CID=15287
http://www2.csoonline.com/blog_view.html?CID=15406
http://www2.csoonline.com/blog_view.html?CID=33172&source=nlt_csonewswatch
http://www2.csoonline.com/blog_view.html?CID=33173&source=nlt_csonewswatch
http://www2.csoonline.com/blog_view.html?CID=33182&source=nlt_csonewswatch
http://www2.csoonline.com/exclusives/column.html?CID=32813&source=nlt_csoupdate
https://infosec.navy.mil/ps/?t=main/main.tag&bc=main/bc_main.html
https://www.cndrt.org/frontpage.htm
https://www.pcisecuritystandards.org/tech/
https://www.securinfos.info/old-softwares-vulnerable.php