Other tools
Team Cymru ‘Who and Why’ episodes on security tools
You can find a very helpful set of information about tools in short movies prepared by Team Cymru.
They are all available at Team Cymru YouTube channel. At this channel, the following security tools are presented (mostly by interviewing the tools authors):
- SNORT: episode 13
- NMAP: episode 14
- MRTG: episode 15
- NESSUS: episode 16
- SPAMASSASIN: episode 17
- MALWARE HASH REGISTRY: episode 3
Information collection, analysis and publication support tool
GOVCERT.NL has developed a tool called Taranis, which has been specifically designed to fit the workflow generally seen in a CERT organization for collecting, analyzing and publishing information. Taranis is based on the workflow consisting of five phases used by GOVCERT.NL:
- Collect: collect information from the sources.
- Assess: determine relevance and discard if necessary.
- Analyze: analyze relevant news-items and determine the appropriate product(s) that are to be created on the subject.
- Write: write the product(s) and apply the standard quality assurance cycle.
- Publish: send out the product(s) to the relevant target audience.
The data that is used in the application is based on internationally accepted standards. Vulnerabilities are directly indicated with Common Vulnerabilities and Exposures (CVE) IDs. The software list is based on the Common Platform Enumeration (CPE) list. Taranis contains mechanisms to keep both lists and the mapping between them up to date.
