Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Tool personalizes security warnings

From: William Knowles <wk () C4I ORG>
Date: Wed, 8 Nov 2000 20:14:48 -0600
http://www.fcw.com/fcw/articles/2000/1106/web-nist-11-08-00.asp

BY Diane Frank
11/08/2000

The National Institute of Standards and Technology announced a service
Tuesday that will enable government and private-sector users to
receive personalized security vulnerability notices.

The new service, named Cassandra and developed by Purdue Universitys
Center for Education and Research in Information Assurance and
Security, builds upon NISTs ICAT searchable vulnerability index. ICAT
provides summaries and links to open vulnerability databases available
on the Internet.

Users can log on to the online Cassandra tool to create profiles,
defining what versions of software and systems exist on their
networks. Those profiles will be stored securely on Cassandra, and
users will be alerted by e-mail whenever the ICAT index adds a
vulnerability description that fits a users profile.

However, because the ICAT index is based on other databases, it is not
updated immediately whenever a new vulnerability appears, said Peter
Mell, program manager for ICAT, speaking Tuesday at the FedCIRC
Information Technology Security Innovations conference in College
Park, Md.

Therefore, Mell said systems administrators should use Cassandra as a
supplement to other notification services, such as the Federal
Computer Incident Response Capability and the National Infrastructure
Protection Center.

Another private-sector organization is working with NIST to develop a
similar tool, which should be available before the end of the month,
Mell said.


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".
Previous By Date Next
Previous By Thread Next

Current thread: