Security Tools and Frameworks

Oct 31, 1997

Abstract

With the emphasis placed on network computing and wide spread sharing of information in any corporate environment, the need for Computer and Network Security hardly needs to be stressed. It is estimated that combined losses from Computer and telecommunication fraud is close to 10 billion dollars an year in the US and majority of these incidents are not even reported. (Ref: Practical Unix & Internet Security - Garfinkel & Spafford)

In my talk, I shall be presenting my work towards the objective of improving the general level of security in a corporate environment. I shall be broadly discussing some of the vulnerabilities classes that are part of a corporate environment without going into specifics, and how to go about looking for them. I shall then be detailing the wide variety of security tools that are currently available in the public domain and the commercial world . The Unix and NT platforms were chosen for this study. We shall look a little bit in detail at the features of some of the security tools that I had shortlisted and evaluated and finally a look at some of the recommendations that were made in improving the security infrastructure of the company.