Karen Scarfone

Guide to Bluetooth Security

Recommendations of the National Institute of Standards and Technology

This document provides info. to organizations on the security capabilities of Bluetooth and provide recommendations to organizations employing Bluetoo...

Guide to General Server Security

Recommendations of the National Institute of Standards and Technology

Servers are frequently targeted by attackers because of the value of their data and services. For example, a server might contain personally identifia...

Technical Guide to Information Security Testing and Assessment

Recommendations of the National Institute of Standards and Technology

An info. security assessment (ISA) is the process of determining how effectively an entity being assessed (e.g., host, system, network, procedure, per...

Guidelines on Firewalls and Firewall Policy

Revision 1

This updated report provides an overview of firewall technology, and helps organizations plan for and implement effective firewalls. It explains the t...

Computer Security Incident Handling Guide

Nist Special Publication 800-61, Revision 2

Computer security incident response has become an important component of information technology (IT) programs. Because performing incident response ef...

Guide to Bluetooth Security

Recommendations of the National Institute of Standards and Technology

...

System and Network Security Acronyms and Abbreviations

Contains a list of selected acronyms and abbreviations for system and network security terms with their generally accepted or preferred definitions. T...

Guide to Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist

Recommendations of the NIST

When an IT security configuration checklist (e.g., hardening or lockdown guide) is applied to a system in combination with trained system administrato...

Guide to Security for WiMAX Technologies (Draft)

Recommendations of the National Institute of Standards and Technology (NIST)

Provides info. to org. about WiMAX security capabilities. WiMAX is based on the IEEE 802.16 family of standards. Discusses the security of the WiMAX a...

Guide to Security for Full Virtualization Technologies

The purpose of SP 800-125 is to discuss the security concerns associated with full virtualization technologies for server and desktop virtualization, ...

Guide to General Server Security

The purpose of this document is to assist organizations in understanding the fundamental activities performed as part of securing and maintaining the ...

Guidelines on Cell Phone and PDA Security

Recommendations of the National Institute of Standards and Technology

...

Computer Security Incident Handling Guide

Computer security incident response has become an important component of information technology (IT) programs. Security-related threats have become no...

Guide to IPsec VPNs

Internet Protocol Security (IPsec) is a widely used network layer security control for protecting communications. IPsec is a framework of open standar...

Guide to Industrial Control Systems (ICS) Security

Supervisory Control and Data Ccquisition (SCADA) Systems, Distributed Control Systems (DCS), and Other Control System Configurations Such as Programmable Logic Controllers (PLC)

...

Guide to Intrusion Detection and Prevention Systems

Intrusion detection is the process of monitoring the events occurring in a computer system or network & analyzing them for signs of possible incidents...

Guide to Protecting the Confidentiality of Personally Identifiable Information (PII) (draft) :.

...

User's Guide to Telework and Bring Your Own Device (BYOD) Security

Many people telework, and they use a variety of devices, such as desktop and laptop computers, smartphones, and tablets, to read and send email, acces...

The Common Misuse Scoring System (CMSS)

Metrics for Software Feature Misuse Vulnerabilities

...

Guide to Enterprise Password Management (draft)

Recommendations of the National Institute of Standards and Technology

...

Guide to Enterprise Telework and Remote Access Security (draft) :.

...

Computer Security Incident Handling Guide

Recommendations of the National Institute of Standards and Technology

...

Guidance for Securing Microsoft Windows XP for IT Professionals

A NIST Security Configuration Checklist : Recommendations of the National Institute of Standards and Technology

...

The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1. 2

Recommendations of the National Institute of Standards and Technology (Special Publication 800-126 Revision 2)

The National Institute of Standards and Technology Special Publication 800-126 Revision 2 “The Technical Specifications for the Security Content Aut...

Security Configuration Checklists Program for IT Products

Guidance for Checklists Users and Developers

...

Guide to Industrial Control Systems (ICS) Security

Supervisory Control and Data Acquisition (SCADA) Systems, Distributed Control Systems (DCS), and Other Control System Configurations Such As Programmable Logic Controllers (PLC) - Recommendations of the National Institute of Standards and Technology

NIST Special Publication 800-82. This document provides guidance for establishing secure industrial control systems (ICS). These ICS, which include su...

Guide to Securing WiMAX Wireless Communications

Recommendations of the National Institute of Standards and Technology (Special Publication 800-127)

The purpose of the National Institute of Standards and Technology Special Publication 800-127, Guide to Securing WiMAX Wireless Communications, is to ...

User's Guide to Securing External Devices for Telework and Remote Access

This publication helps teleworkers secure the external devices they use for telework, such as personally owned and third-party privately owned desktop...

Computer Security Incident Handling Guide

Recommendations of the National Institute of Standards and Technology

...

Definitive Guide to SASE

...

Blockchain Technology Overview

Blockchains are tamper evident and tamper resistant digital ledgers implemented in a distributed fashion (i.e., without a central repository) and usua...

Guide to Secure Web Services

Recommendations of the National Institute of Standards and Technology: Nist Special Publication 800-95

This publication of the NIST seeks to assist organizations in understanding the challenges in integrating information security practices into SOA desi...

Establishing Wireless Robust Security Networks: a Guide to IEEE 802. 11i

Recommendations of the National Institute of Standards and Technology (Special Publication 800-97)

The National Institute of Standards and Technology Special Publication 800-97 provides readers with a detailed explanation of next generation 802.11 w...

Definitive Guide to Security Intelligence and Analytics

...

Guide to enterprise patch management technologies (draft)

recommendations of the National Institute of Standards and Technology

...

The Common Configuration Scoring System (CCSS)

Metrics for Software Security Configuration Vulnerabilities (draft)

The Common Configuration Scoring System (CCSS) is a set of measures of the severity of software security configuration issues. CCSS is derived from CV...

The Hunter's Handbook

Endgame's Guide to Adversary Hunting

...

Guidelines for Managing the Security of Mobile Devices in the Enterprise

...

Guidelines on Active Content and Mobile Code

Recommendations of the National Institute of Standards and Technology

...

Guide to Securing Legacy IEEE 802.11 Wireless Networks

The purpose of this document is to provide guidance to organizations in securing their legacy IEEE 802.11 wireless local area networks (WLAN) that can...