tools

Update: Tools used by software developers

Tools used by software developers to test for faulty design are now being employed by hackers to discover unknown vulnerabilities, a security firm has warned.
Staff Writers Aug 14 2006 2:44PM Security
Review: Coroner's Toolkit

The Coroner’s Toolkit, or TCT, is an open-source set of forensic tools for performing post-mortem analysis on Unix systems. Written by Dan Farmer and Wietse Venema, both very well known in security circles for such programs as SATAN, TCT is not an easy product to use. A serious knowledge of Unix is a prerequisite for success, but if you can manage it, this is an extremely powerful set of tools.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
Review: EnCase Forensic

This new version of EnCase shows its pedigree as the oldest of the GUI-based IT forensic tools. We found it very simple to operate and use.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
Review: Forensic ToolKit

The Forensic ToolKit (FTK) is very powerful and comes loaded with features, although it is naturally difficult to make such a powerful tool completely simple to use. The program interface can overwhelm at first glance, with all its different features and options, but after reading the documentation and getting to know the program, it becomes much more intuitive.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
Review: i2 Analyst's Notebook

This is a very different type of analysis tool from those infosec professionals are used to. Link analysis, a crucial aspect of incident response, is usually done manually or by trying to use log correlators. This is a true link analyser with a long pedigree in analysing complex crimes and security incidents.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
Review: LogLogic LX 2000

LogLogic’s LX 2000 is an excellent log analysis tool. It is powerful, can be distributed, and is a mature and useful product. But it is not for the faint-hearted. While its user interface is excellent, it has many hidden capabilities that require some time to understand.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
Review: Mandiant First Response

First Response is a freeware audit tool and is a little difficult to use in the beginning. The interface, deploying agents and gathering data can also be a little awkward at first, but this program can be very useful once the user has a grasp on what it does and what it is capable of.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
Review: NetWitness

NetWitness is a network traffic security analyser that the vendor describes as a “security intelligence” tool. Setup is simplified by its new installation wizard, which worked correctly the first time and was a breeze. We then fed it a set of Snort packet logs, which it accepted without complaint, and were able to begin analysis within an hour.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
Review: ProDiscover Incident Response

ProDiscover IR is a complete IT forensic tool that can access computers over the network (with agents installed) to enable media analysis, image acquisition and network behaviour analysis.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
Review: Sleuth Kit & Autopsy Browser

Sleuth Kit and Autopsy Browser are excellent examples of what happens when a talented developer builds on good prior work. These products, used together, are freeware open-source computer forensic tools built on the Coroner’s Toolkit. But the developer, Brian Carrier, has taken his considerable expertise in file systems of all kinds and applied it here.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
IBM offers free tools for application security

IBM announced today the availability of free hosted software to help customers and developers better engineer safety into business applications, instead of having to reactively respond to security holes.
Dan Kaplan Jun 22 2006 9:20PM Security
Experts detect sharp hike in ‘script kiddie’ phishing tools

Almost a third of phishing attacks during February were generated by technically unskilled individuals using so-called script kiddie kits, new monitoring data has revealed.
William Eazel Mar 31 2006 9:02AM Security
Porn worm disables security tools

Security experts have warned users to be wary of unsolicited emails claiming to contain obscene pictures and sex movies. The Nyxem-D worm (also known as Email-Worm.Win32.VB.bi or W32.Blackmal.E@mm) can spread via email using a variety of pornographic disguises in an attempt to disable security software.
William Eazel Jan 19 2006 9:43AM Security
Review: TriGeo Security Information Manager

This product is based upon a substantial rack-mount hardware appliance running Linux, and a Windows-based console and reporting capability with which to administer the system. Agents are then placed on target machines across the network and acknowledged at the console.
Julian Ashbourn Nov 1 2005 12:00AM Security
Review: NetIQ Security Manager

This comprehensive product seems to offer a great deal: event monitoring and management; intrusion detection; comprehensive reporting and analysis. All this, plus three printed manuals, an installation guide, user guide and programming guide.
Julian Ashbourn Nov 1 2005 12:00AM Security
Review: Lightning Console

This software-based console collates security-related information into a central entity, in order to enable analysis and response.
Julian Ashbourn Nov 1 2005 12:00AM Security
Review: Applied Watch

The open source philosophy is still gaining ground. But for some, it still smacks less of enterprise-level IT than the enthusiast working alone in their shed at night.
Julian Ashbourn Nov 1 2005 12:00AM Security
Old school rules, new school tools

It was a great security conference. The sponsored lunch had gone down a treat, the wine was excellent. The next speaker was being announced: "...will talk on the CIA Principles of Information Security." Yawn, that guy must be old enough to predate punched cards.
Andrew Yeomans Jul 29 2005 2:16PM Security
Review: EnCase Forensic

Guidance Software's EnCase product is the undisputed heavyweight of the forensic software market, and version 5.0 introduces a slew of new features that will keep its opposition firmly on the ropes.

Jon Tullett Jul 21 2005 12:00AM Security
Review: Forensic Field Kit

WiebeTech's forensic kits tackle two very specific points of pain for forensic investigators: conducting field acquisition and transporting data safely (to prevent damage and ensure the chain of evidence is unchallengeable).

Jon Tullett Jul 21 2005 12:00AM Security
