Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Malware remediation?

From: "Stein, Nico Alexander" <STEINN () CUA EDU>
Date: Thu, 10 Jan 2013 18:33:52 +0000
Thanks Joel, this is very informative!


Regards,
Nico A. Stein
Network Administrator
The Catholic University of America
202-319-6416



-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Joel 
Rosenblatt
Sent: Thursday, January 10, 2013 1:25 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Malware remediation?

Hi,

I guess we fall in the category of "went another direction" :-)

<http://www.educause.edu/sites/default/files/library/presentations/SEC11/SESS10/PAIRS%2BSPC%2B2011.pdf>

Enjoy!
Joel Rosenblatt

Joel Rosenblatt, Director Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel
Public PGP key
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x90BD740BCC7326C3


--On Thursday, January 10, 2013 3:11 PM +0000 Russ Leathe <Russ.Leathe () GORDON EDU> wrote:


We are currently poc with bit9 and FireEye for malware detection.  I like both products so far.   Do you currently 
own one of these products?  Would you care
to give me your pro's/con's, what you would do differently, etc.

Perhaps you went another direction?

Thanks!

Russ



-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Samuel 
Gaudet
Sent: Wednesday, January 09, 2013 2:25 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Pentest Agreement

Ed Skoudis has a good boilerplate memo he shares with his students that is designed to protect employees in a 
situation similar to yours:

http://www.counterhack.net/permission_memo.html

Hope this helps,
Sam

On Wed, Jan 9, 2013 at 2:21 PM, Adam Vedra <avedra () calvin edu> wrote:

Would any one be willing to share an example of an internal pentest
agreement/permission document between an employer and an information
security employee, ideally one that is used in your own organization?
So far the examples I have turned up are more or less contracts
between an organization and an outside third party.

Thank you for your help and input!

Adam



Adam P. Vedra, CISSP, GSEC
Information Security Officer
Calvin College





--
Sam Gaudet
Systems Security Analyst
University of Maine System
Office: (207) 973-3297





Joel Rosenblatt, Director Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel
Public PGP key
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x90BD740BCC7326C3
Previous By Date Next
Previous By Thread Next

Current thread: