RE: Information Security Incidents

["Chitre, Salil" <ChitreS () dnb com au>]

Hi Dan,

You could have multiple drop-down menus.

Service Impact: 
[]Confidentiality  []Integrity   [] Availability

Impact related to:
[  ] Unauthorized Access        [  ] Disclosure
[  ] Modification       [  ] Misuse
[  ] Damage             [  ] Loss or destruction

Systems Impacted:
[  ] Windows 2000       [  ] UNIX    
[  ] RAS/VPN    [  ] Firewall   
[  ] SQL Database       [ x ] Other
[  ] Web Servers        [  ] Boundary Security  

May be based on these each incident automatically gets a score. 

Cheers,
Salil

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Dan Vultur
Sent: Wednesday, 23 September 2009 8:12 PM
To: security-basics () securityfocus com
Subject: Information Security Incidents

Hello list,

In our company we are trying to develop an in-house application which
will collect all information security related incidents. The developers
of this applications are asking me what criteria should be there in the
scroll-down.

On the fly I am thinking at the following criteria:

-  unauthorized access,
-  business continuity
-  loss of confidentiality
-  etc

Can you please give me some advice on which criteria should be used if
you have implemented a well-known solution on this aspect.

Many thanks,

Dan



Acest e-mail con?ine informatii care pot fi, partial sau ?n ?ntregime,
protejate de lege. Orice utilizare sau transmitere neautorizata a
acestui mesaj, totala sau partiala, este strict interzisa. Aceste
informatii sunt adresate doar destinatarului si pot sa nu exprime
punctele de vedere ale Bancii Transilvania. ?n cazul ?n care o eroare de
transmitere a directionat gresit acest e-mail, va rugam sa notificati
autorul printr-un raspuns la mesaj. Daca nu sunteti destinatarul vizat,
nu aveti permisiunea sa dezvaluiti, sa distribuiti, sa copiati, sa
tipariti sau sa utilizati acest e-mail.

This e-mail contains proprietary information some or all of which may be
legally privileged. Any unauthorized use or dissemination is prohibited.
It is for the intended recipient only and does not express the views of
Banca Transilvania S.A.  If an addressing or transmission error has
misdirected this e-mail, please notify the author by replying to this
e-mail.  If you are not the intended recipient you must not use,
disclose, distribute, copy, print, or rely on this e-mail.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an
SSL certificate.  We look at how SSL works, how it benefits your company
and how your customers can tell if a site is secure. You will find out
how to test, purchase, install and use a thawte Digital Certificate on
your Apache web server. Throughout, best practices for set-up are
highlighted to help you ensure efficient ongoing management of your
encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------