Re: Project Chroma: A color code for the state ofcyber security

[vulcanius <vulcanius () gmail com>]

By the way, I also noticed that the new site for your project has the
current threat level as yellow. Is it safe to assume that you've already got
your metric systems in place and running?

On Sun, Nov 30, 2008 at 9:41 PM, Mike C <mike.cartall () gmail com> wrote:

> Yes,
>
> The project Chroma leads know of various efforts. But these are either
> vendor specific, or old and unstandardized. Project Chroma aims to be
> very active, and will look to interact with security vendors to
> implement the color codes in security products.
>
> --
> MC
> Security Researcher
> Lead, Project Chroma
> http://sites.google.com/site/projectchromaproject/
>
>
> On Sun, Nov 30, 2008 at 6:28 PM, Tomas L. Byrnes <tomb () byrneit net> wrote:
> > The SANS Internet Storm Center has been doing this for ages.
> >
> > It has the advantage of being data driven, using the DShield reports as
> > a primary sensor mechanism.
> >
> > http://isc.sans.org/
> >
> >
> >
> > > -----Original Message-----
> > > From: full-disclosure-bounces () lists grok org uk
> > [mailto:full-disclosure-
> > > bounces () lists grok org uk] On Behalf Of Mike C
> > > Sent: Saturday, November 29, 2008 9:35 PM
> > > To: Full Disclosure
> > > Subject: [Full-disclosure] Project Chroma: A color code for the state
> > > ofcyber security
> > >
> > > Hi,
> > >
> > > It is time to take an example from Homeland Security and define codes
> > > of color for cyber-warfare threat levels. I propose the following:
> > >
> > > Green level: There is negligible threat to online security.
> > > Yellow level : There is a minimal level of threat, and this must be
> > > monitored and contained.
> > > Orange level: This level of threat indicates there are parties who are
> > > actively engaging in cyber-warfare. Caution is required when online.
> > > Red level: This level indicates a full blown cyber-war. It indicates
> > > very high probability of all communications being intercepted.
> > >
> > > While homeland security's implementation does not seem to have a real
> > > world merit, such a threat level would certainly be very useful in the
> > > online security realm. Please disseminate this announcement of the
> > > project Chroma levels for online security. The immediate mission of
> > > the project is to be picked up by the antivirus and security tools
> > > vendors, so as to add the color codes to their products and provide
> > > users with a tangible measure of their online security.
> > >
> > > Current status: Threat level Yellow.
> > >
> > > --
> > > MC
> > > Security Researcher
> > > Lead, Project Chroma.
> > >
> > > _______________________________________________
> > > Full-Disclosure - We believe in it.
> > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > > Hosted and sponsored by Secunia - http://secunia.com/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/