Sistema de blogs Diarium
Universidad de Salamanca
Pablo Gallardo's Blog
My professional web log about IT, Cybersecurity & Project Management
 
Tag Archives | assessment

Methods to assess the Information Security of a Third Party

This post lists methods to assess the Information Security of an organization that acts as a third party for another one (e.g., a provider). This third parties are often referred as 3PL, that is an acronym for third-party logistics. Methods to assess the Information Security of a Third Party List of methods to assess the […]

Comments { 0 }

How to perform an IT Risk Assessment

This post tries to make an overview about how to perform a risk assessment of information technology (IT) assets. Steps to perform an IT risk assessment The summary of steps to be done are: Define scope Select a risk assessment methodology Identify asset types Identify threats Identify vulnerabilities List controls Assign controls to threats Identify […]

Comments { 0 }

Vulnerability Assessment Tools

List of vulnerability assessment tools: Qualys Vulnerability Managment (Qualys VM) Nessus Professional GFI LanGuard Qualys FreeScan Nikto Burp Suite OpenVAS Retina CS SAINT Microsoft Baseline Security Analizer (MBSA) Automated Vulnerability Detection System (AVDS) Core Impact Pro N-Stalker Web Application Security Scanner X Enterprise Edition Acunetix Web Vulnerability Scanner Nipper Studio Nexpose Secunia Personal Software Inspector […]

Comments { 0 }

Differences between Risk Analysis and Business Impact Analysis

Risk Management is a process aimed at achieving an optimal balance between realizing opportunities for gain an minimizing vulnerabilities and loss. Business Impact Analysis (BIA) is performed to determine the impact of losing the availability of any resources to an organization. Performing a BIA is part of Risk Management. Risk Assessment is part of Risk […]

Comments { 0 }
Política de privacidad
Studii Salmantini. Campus de excelencia internacional