Printer Friendly

NEW TOOL FOR IDENTIFYING VULNERABILITIES UP AND RUNNING.

Sometimes, computers just have too much software. Or at least that is the way it seems to many systems administrators who have to stay on top of viruses and other computer security "Achilles heels." Keeping up with the 100 or so new vulnerabilities discovered each month can be an almost overwhelming task, especially since a single software flaw may be known by over 10 different names and no one source provides information on all of them.

However, NIST has developed a way to make keeping up with vulnerabilities much easier. The new extensive ICAT index--available on NIST's World Wide Web site at http://icat.nist.gov--allows people to search for information on vulnerabilities efficiently using a standard naming scheme developed commercially. Users can quickly zero in on the data they need by using pull-down menus that specify product characteristics (such as vendor name and version number) and vulnerability characteristics (such as related exploit type, vulnerability consequence and exposed component type) for more than 2000 software vulnerabilities.

ICAT provides users with summaries of the vulnerabilities and links to public vulnerability databases available on the Internet, which provide detailed information and "patches" to make software more secure. It should prove to be a valuable resource for systems administrators, computer security officers, law enforcement officials, computer security researchers and software developers.

A way to get regular electronic mail updates from the ICAT index via an e-mail service named Cassandra, is available at https://cassandra.cerias.purdue.edu.

For technical information, contact Peter Mell. Comments about ICAT may be sent to icat@nist.gov.
COPYRIGHT 2001 National Institute of Standards and Technology
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2001, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Printer friendly Cite/link Email Feedback
Publication:Journal of Research of the National Institute of Standards and Technology
Article Type:Brief Article
Geographic Code:1USA
Date:Mar 1, 2001
Words:260
Previous Article:NEW TECHNIQUE FOR BLENDING POLYMERS YIELDS NOVEL STRUCTURES.
Next Article:BALDRIGE CRITERIA CAN HELP ASSESS, IMPROVE...AND GO FOR THE GOLD.
Topics:


Related Articles
Computer Security in the Age of the Internet.
Online research strategies for the bookish lawyer: lawyers with more legal than technical know-how can still use the many computer tools available to...
Network security scanner now commercial. (Security News and Products).
Vulnerability management technology: a powerful alternative to attack management for networks. (Storage Networking).
Three short steps to application security.
Ask FERF (financial executives research foundation) about ... Sarbanes-Oxley Implementation Guidance.
First Exposure Risk Management (ERM) solution.
The first step to storage security: admit you're vulnerable.
Standardizing the patch experience.
Risk assessments and future challenges.

Terms of use | Privacy policy | Copyright © 2020 Farlex, Inc. | Feedback | For webmasters