Main Menu
Online Incident Reporting
CSIRT Development
CSIRT Training
The following organizations provide a variety of training targeted specifically to CSIRTs including development, design, implementation and operations
CSIRT Projects
Spoofing SSL
Tested the feasibility of designing and developing a visual SSL web site spoof. Visual spoofing does not rely on the URL spoofing, relying instead on the fake images to accomplish the deception. Designed and developed a proof of concept (Evidence that demonstrates that a business model or idea is feasible) which was used to demonstrate how easy it is to deceive customers into revealing personal information. The completed SSL Spoofed web site can be viewed at the following link: http://www.csirt.org/spoof/index.html
Proof of Concept (Evidence that demonstrates that a business model or idea is feasible.)
Incident Response
Authored an Incident Response white paper(s) for the development and implementation of an Incident Response Team (IRT) within the banking industry; this was successfully published in two official publications for the World Bank:
World Bank http://www.worldbank.com (Incident Response)
Electronic
Safety and Soundness: Securing Finance in a New Age
Electronic Security:
Risk Mitigation in Financial Transactions
Authored a white paper directed at Computer Security Incident Response Teams, which can be found published across the internet:
http://secinf.net/misc/Federal_Government_Incident_Response_Team_IRT.html
Incident Response
Security News Updates
Threat Assessments
InfoCon 1: Peacetime
InfoCon 2: Heightened alert
InfoCon 3: Full alert
InfoCon 4: Internet Meltdown
Security Bulletins
Daily and weekly summaries of security issues and new vulnerabilities.