CERT and ISO 27001

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

CERT and ISO 27001

DjinnS C.
Hi,

I'm searching a service/company doing continuos review of security
alerts for various tools, software and hardware (Apache, PHP, Cisco
IOS, Juniper JunOS, Netapp Ontap, etc ...).

I think the right way is to use a CERT offering commercial services
with daily notifications about a list of specifics choosen subjects.

I found some companies with a commercial CERT offering this services:
Lexsi, XMCO, Intrinsec.

Do you know or use a service link this ?

We need this for our implementation of ISO 27001 standard.

Thank you in advance.

Regards,

--
Guillaume

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Reply | Threaded
Open this post in threaded view
|

RE: CERT and ISO 27001

FILLETTE, ARNAUD (ARNAUD)
Hi Guillaume,
You might want to look at the Cert-IST as well (http://www.cert-ist.com/public/ ).They do provide such vulnerability and threat watch service for Industry and Services Business.  
Arnaud

-----Message d'origine-----
De : [hidden email] [mailto:[hidden email]] De la part de DjinnS C.
Envoyé : mardi 13 mai 2014 12:11
À : [hidden email]
Objet : CERT and ISO 27001

Hi,

I'm searching a service/company doing continuos review of security alerts for various tools, software and hardware (Apache, PHP, Cisco IOS, Juniper JunOS, Netapp Ontap, etc ...).

I think the right way is to use a CERT offering commercial services with daily notifications about a list of specifics choosen subjects.

I found some companies with a commercial CERT offering this services:
Lexsi, XMCO, Intrinsec.

Do you know or use a service link this ?

We need this for our implementation of ISO 27001 standard.

Thank you in advance.

Regards,

--
Guillaume

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Reply | Threaded
Open this post in threaded view
|

Re: CERT and ISO 27001

Bob Smith
The Cassandra Tool from Perdue may be a good option.  It is free and you can select which products/vendors you want to receive alerts for. It pulls from the mitre CVE database/ ICAT metabase.

https://cassandra.cerias.purdue.edu/main/index.html



> On May 13, 2014, at 7:37 AM, "FILLETTE, ARNAUD \(ARNAUD\)" <[hidden email]> wrote:
>
> Hi Guillaume,
> You might want to look at the Cert-IST as well (http://www.cert-ist.com/public/ ).They do provide such vulnerability and threat watch service for Industry and Services Business.  
> Arnaud
>
> -----Message d'origine-----
> De : [hidden email] [mailto:[hidden email]] De la part de DjinnS C.
> Envoyé : mardi 13 mai 2014 12:11
> À : [hidden email]
> Objet : CERT and ISO 27001
>
> Hi,
>
> I'm searching a service/company doing continuos review of security alerts for various tools, software and hardware (Apache, PHP, Cisco IOS, Juniper JunOS, Netapp Ontap, etc ...).
>
> I think the right way is to use a CERT offering commercial services with daily notifications about a list of specifics choosen subjects.
>
> I found some companies with a commercial CERT offering this services:
> Lexsi, XMCO, Intrinsec.
>
> Do you know or use a service link this ?
>
> We need this for our implementation of ISO 27001 standard.
>
> Thank you in advance.
>
> Regards,
>
> --
> Guillaume
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> ------------------------------------------------------------------------
>

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------