Título: secu-AUDIT: Continuous Computer Security Auditing Experiences

Autores: Urko Zurutuza, Roberto Uribeetxeberria, Jesús Lizarraga, and Iñaki Velez de Mendizabal

Fecha: December 2004

Area: Seguridad

Tema: Mecanismos de Evaluación y Auditoria

Abstract: In this paper, we present the experience obtained by the application of a methodology designed in Mondragon University. In this experience, three different security tools where combined: Nessus, Snort and Nagios. This way, the security administrator and even the enterprise management can easily analyse the organizations information system’s security level in real time. This can be accomplished just by means of checking its representation and assess the risk that involves any change of the level. The ability to measure the current state of the security is essential to continue improving the safeguard of our information. secu-AUDIT, seeks to define and analyse a methodology for the realisation of continuous audits of network security in organisations. This allows a proactive position regarding to security issues as one can be aware of the level acquired as well as the level required. The paper gives a brief overview of security metrics, discusses how the metrics are obtained in order to measure the se rity level and provides an example of carrying out a continuous audit.

[pdf]

[ppt]

Referencia:

bibtex:

@INPROCEEDINGS{zur04c,
  author = {Urko Zurutuza and Roberto Uribeetxeberria and Jes\'us Lizarraga and
    Iñaki Velez de Mendizabal},
  title = {Secu-audit: Continuous computer security auditing experiences},
  booktitle = {In Proceedings of the IADAT International Conference on Telecommunications
    and Computer Networks (TCN 2004)},
  year = {2004},
  address = {Donostia, Spain},
  month = {December}
}