Security Basics mailing list archives
RE: open source user audit software ??
From: "Craig Wright" <cwright () bdosyd com au>
Date: Thu, 4 Aug 2005 10:45:13 +1000
How about we get the terms right. Pen Testing, Vulnerability tests etc etc are NOT audits. An audit is a systematic and scientifically determined repeatable process designed to test an organisations controls. Pen Testing is not. It is an attempt through whatever methodology to penetrate a system. Vulnerability testing is an attempt to map the major vulnerabilities which effect a system An audit trail is a documentary trail which may be used in an audit Software which is automated can be an aide to an audit - but can not by definition replace an audit. Craig PS Nagging supplied for free. Not even 2 cents -----Original Message----- From: NewYork User [mailto:newyorkuser () gmail com] Sent: 4 August 2005 12:17 To: security-basics () securityfocus com Subject: Re: open source user audit software ?? Michael, I think you are looking to implement "Single Sign-on (SSO) Solution". IBM has 2 products Tivoli Identity Manager (TIM) and Tivoli Access Manager (TAM). If you are looking to implement Open Source Web SSO, SUN has recently donated the code to open source community. Take a look at the following sites. http://www.internetnews.com/dev-news/article.php/3519651 https://opensso.dev.java.net/ On 7/29/05, Michael Gale <michael.gale () bluesuperman com> wrote:
Hello, I believe that IBM has a product called Tivoli which has a component that can do the following: - A new employee is starting, the PM clicks the required access through a web portal. Which then notifies each person required to make
the changes or accounts, plus could make the accounts if allowed. It will provide an audit trail of who requested the access and who approved the request. It can also provide an alert when new accounts have been created with out using the software. Does anyone know of any open source tools that can do this ?? Michael
Current thread:
- open source user audit software ?? Michael Gale (Aug 02)
- Re: open source user audit software ?? NewYork User (Aug 03)
- Re: open source user audit software ?? Michael Gale (Aug 04)
- Re: open source user audit software ?? Rodrigo Blanco (Aug 08)
- Re: open source user audit software ?? Michael Gale (Aug 04)
- <Possible follow-ups>
- RE: open source user audit software ?? Craig Wright (Aug 04)
- Re: open source user audit software ?? NewYork User (Aug 03)