The Resource Finding and fixing vulnerabilities in information systems : the vulnerability assessment & mitigation methodology, Philip S. Anton [and others] ; prepared for the Defense Advanced Research Projects Agency
Finding and fixing vulnerabilities in information systems : the vulnerability assessment & mitigation methodology, Philip S. Anton [and others] ; prepared for the Defense Advanced Research Projects Agency
Resource Information
The item Finding and fixing vulnerabilities in information systems : the vulnerability assessment & mitigation methodology, Philip S. Anton [and others] ; prepared for the Defense Advanced Research Projects Agency represents a specific, individual, material embodiment of a distinct intellectual or artistic creation found in University of Liverpool.This item is available to borrow from 1 library branch.
Resource Information
The item Finding and fixing vulnerabilities in information systems : the vulnerability assessment & mitigation methodology, Philip S. Anton [and others] ; prepared for the Defense Advanced Research Projects Agency represents a specific, individual, material embodiment of a distinct intellectual or artistic creation found in University of Liverpool.
This item is available to borrow from 1 library branch.
- Summary
- Understanding an organization's reliance on information systems and how to mitigate the vulnerabilities of these systems can be an intimidating challenge--especially when considering less well-known weaknesses or even unknown vulnerabilities that have not yet been exploited. The authors, understanding the risks posed by new kinds of information security threats, build on previous RAND mitigation techniques by introducing the Vulnerability Assessment and Mitigation (VAM) methodology. The six-step procedure uses a top-down approach to protect against future threats and system failures while mitigating current and past threats and weaknesses. The authors lead evaluators through the procedure of classifying vulnerabilities in their systems' physical, cyber, human/social, and infrastructure elements, and identifying which security techniques can be relevant for these vulnerabilities. The authors also use VAM to break down information compromises into five fundamental components of attack or failure: knowledge, access, target vulnerability, non-retribution, and assessment. In addition, a new automated tool implemented as an Excel spreadsheet is discussed; this tool greatly simplifies using the methodology and emphasizes analysis on cautions, risks, and barriers
- Language
- eng
- Extent
- 1 online resource (xxvi, 117 pages)
- Contents
-
- Introduction
- Concepts and Definitions
- VAM Methodology and Other DoD Practices in Risk Assessment
- Vulnerability Attributes of System Objects
- Direct and Indirect Security Techniques
- Generating Security Options for Vulnerabilities
- Automating and Executing the Methodology: A Spreadsheet Tool
- Next Steps and Discussion
- Summary and Conclusions
- Appendix: Vulnerability to Mitigation Map Values
- Isbn
- 9780833035998
- Label
- Finding and fixing vulnerabilities in information systems : the vulnerability assessment & mitigation methodology
- Title
- Finding and fixing vulnerabilities in information systems
- Title remainder
- the vulnerability assessment & mitigation methodology
- Statement of responsibility
- Philip S. Anton [and others] ; prepared for the Defense Advanced Research Projects Agency
- Title variation
-
- Vulnerability assessment & mitigation methodology
- Vulnerability assessment and mitigation methodology
- Language
- eng
- Summary
- Understanding an organization's reliance on information systems and how to mitigate the vulnerabilities of these systems can be an intimidating challenge--especially when considering less well-known weaknesses or even unknown vulnerabilities that have not yet been exploited. The authors, understanding the risks posed by new kinds of information security threats, build on previous RAND mitigation techniques by introducing the Vulnerability Assessment and Mitigation (VAM) methodology. The six-step procedure uses a top-down approach to protect against future threats and system failures while mitigating current and past threats and weaknesses. The authors lead evaluators through the procedure of classifying vulnerabilities in their systems' physical, cyber, human/social, and infrastructure elements, and identifying which security techniques can be relevant for these vulnerabilities. The authors also use VAM to break down information compromises into five fundamental components of attack or failure: knowledge, access, target vulnerability, non-retribution, and assessment. In addition, a new automated tool implemented as an Excel spreadsheet is discussed; this tool greatly simplifies using the methodology and emphasizes analysis on cautions, risks, and barriers
- Cataloging source
- N$T
- Dewey number
- 005.8
- Illustrations
- illustrations
- Index
- no index present
- LC call number
- QA76.9.A25
- LC item number
- F525 2003eb
- Literary form
- non fiction
- Nature of contents
-
- dictionaries
- bibliography
- http://library.link/vocab/relatedWorkOrContributorName
-
- Antón, Philip S
- United States
- Series statement
- Rand note
- Series volume
- MR-1601-DARPA
- http://library.link/vocab/subjectName
-
- Computer security
- Data protection
- Risk assessment
- Label
- Finding and fixing vulnerabilities in information systems : the vulnerability assessment & mitigation methodology, Philip S. Anton [and others] ; prepared for the Defense Advanced Research Projects Agency
- Antecedent source
- unknown
- Bibliography note
- Includes bibliographical references
- Carrier category
- online resource
- Carrier category code
-
- cr
- Carrier MARC source
- rdacarrier
- Color
- multicolored
- Content category
- text
- Content type code
-
- txt
- Content type MARC source
- rdacontent
- Contents
- Introduction -- Concepts and Definitions -- VAM Methodology and Other DoD Practices in Risk Assessment -- Vulnerability Attributes of System Objects -- Direct and Indirect Security Techniques -- Generating Security Options for Vulnerabilities -- Automating and Executing the Methodology: A Spreadsheet Tool -- Next Steps and Discussion -- Summary and Conclusions -- Appendix: Vulnerability to Mitigation Map Values
- Dimensions
- unknown
- Extent
- 1 online resource (xxvi, 117 pages)
- File format
- unknown
- Form of item
- online
- Isbn
- 9780833035998
- Level of compression
- unknown
- Media category
- computer
- Media MARC source
- rdamedia
- Media type code
-
- c
- Other physical details
- illustrations.
- Quality assurance targets
- not applicable
- Reformatting quality
- unknown
- Sound
- unknown sound
- Specific material designation
- remote
- Label
- Finding and fixing vulnerabilities in information systems : the vulnerability assessment & mitigation methodology, Philip S. Anton [and others] ; prepared for the Defense Advanced Research Projects Agency
- Antecedent source
- unknown
- Bibliography note
- Includes bibliographical references
- Carrier category
- online resource
- Carrier category code
-
- cr
- Carrier MARC source
- rdacarrier
- Color
- multicolored
- Content category
- text
- Content type code
-
- txt
- Content type MARC source
- rdacontent
- Contents
- Introduction -- Concepts and Definitions -- VAM Methodology and Other DoD Practices in Risk Assessment -- Vulnerability Attributes of System Objects -- Direct and Indirect Security Techniques -- Generating Security Options for Vulnerabilities -- Automating and Executing the Methodology: A Spreadsheet Tool -- Next Steps and Discussion -- Summary and Conclusions -- Appendix: Vulnerability to Mitigation Map Values
- Dimensions
- unknown
- Extent
- 1 online resource (xxvi, 117 pages)
- File format
- unknown
- Form of item
- online
- Isbn
- 9780833035998
- Level of compression
- unknown
- Media category
- computer
- Media MARC source
- rdamedia
- Media type code
-
- c
- Other physical details
- illustrations.
- Quality assurance targets
- not applicable
- Reformatting quality
- unknown
- Sound
- unknown sound
- Specific material designation
- remote
Library Links
Embed
Settings
Select options that apply then copy and paste the RDF/HTML data fragment to include in your application
Embed this data in a secure (HTTPS) page:
Layout options:
Include data citation:
<div class="citation" vocab="http://schema.org/"><i class="fa fa-external-link-square fa-fw"></i> Data from <span resource="http://link.liverpool.ac.uk/portal/Finding-and-fixing-vulnerabilities-in-information/CJKiDL1jG3s/" typeof="Book http://bibfra.me/vocab/lite/Item"><span property="name http://bibfra.me/vocab/lite/label"><a href="http://link.liverpool.ac.uk/portal/Finding-and-fixing-vulnerabilities-in-information/CJKiDL1jG3s/">Finding and fixing vulnerabilities in information systems : the vulnerability assessment & mitigation methodology, Philip S. Anton [and others] ; prepared for the Defense Advanced Research Projects Agency</a></span> - <span property="potentialAction" typeOf="OrganizeAction"><span property="agent" typeof="LibrarySystem http://library.link/vocab/LibrarySystem" resource="http://link.liverpool.ac.uk/"><span property="name http://bibfra.me/vocab/lite/label"><a property="url" href="http://link.liverpool.ac.uk/">University of Liverpool</a></span></span></span></span></div>
Note: Adjust the width and height settings defined in the RDF/HTML code fragment to best match your requirements
Preview
Cite Data - Experimental
Data Citation of the Item Finding and fixing vulnerabilities in information systems : the vulnerability assessment & mitigation methodology, Philip S. Anton [and others] ; prepared for the Defense Advanced Research Projects Agency
Copy and paste the following RDF/HTML data fragment to cite this resource
<div class="citation" vocab="http://schema.org/"><i class="fa fa-external-link-square fa-fw"></i> Data from <span resource="http://link.liverpool.ac.uk/portal/Finding-and-fixing-vulnerabilities-in-information/CJKiDL1jG3s/" typeof="Book http://bibfra.me/vocab/lite/Item"><span property="name http://bibfra.me/vocab/lite/label"><a href="http://link.liverpool.ac.uk/portal/Finding-and-fixing-vulnerabilities-in-information/CJKiDL1jG3s/">Finding and fixing vulnerabilities in information systems : the vulnerability assessment & mitigation methodology, Philip S. Anton [and others] ; prepared for the Defense Advanced Research Projects Agency</a></span> - <span property="potentialAction" typeOf="OrganizeAction"><span property="agent" typeof="LibrarySystem http://library.link/vocab/LibrarySystem" resource="http://link.liverpool.ac.uk/"><span property="name http://bibfra.me/vocab/lite/label"><a property="url" href="http://link.liverpool.ac.uk/">University of Liverpool</a></span></span></span></span></div>