Français
4. Feedback
This chapter presents case studies of security audits and their implementation in an operational context.
4.1 Implementation of the "audit" phase in project management
When it comes to integrating security precepts into a project cycle (whether development- or product-oriented), checkpoints need to be set up throughout the various project phases. The security audit (e.g., technical) is just one phase in this cycle.
As budgets (resources) for security aspects are not infinite, it is a good idea to carry out an initial project triage phase, the role of which is to identify the criticality of the project in question. This triage phase can be carried out rapidly, using a set of predefined questions to identify the need (or not) for close...
The Ultimate Scientific and Technical Reference
This article is included in
Security of information systems
This offer includes:
Knowledge Base
Updated and enriched with articles validated by our scientific committees
Services
A set of exclusive tools to complement the resources
Practical Path
Operational and didactic, to guarantee the acquisition of transversal skills
Doc & Quiz
Interactive articles with quizzes, for constructive reading
Feedback
Conclusion
Bibliography
Works
Software tools
• Aircrack-ng http://www.aircrack-ng.org
• Arachni http://arachni-scanner.comhttps://github.com/arachni
Websites
• Cédric Blancher's blog http://sid.rstck.org/blog
• eSecurity Planet http://www.esecurityplanet.com
• CLUSIF: Documents and safety guides for download http://www.clusif.asso.fr/fr
...Standards and norms
- Information technology – Security techniques – Information security management systems – Requirements - ISO/IEC 27001 - 2005
- Information technology – Security techniques – Information security risk management - ISO/IEC 27005 - 2008
The Ultimate Scientific and Technical Reference
