Information security and assurance for all, as one.
Russ McRee's HolisticInfoSec.org is dedicated to sharing information security content and resources in an open, clear manner, with the hope of helping improve infosec for all who seek to do so. Information security is best broken down to the most simple components: best practices and common sense. The threat-scape facing an information security practitioner is perpetually dynamic; we must adapt and evolve as do those threats. Holisticinfosec.org endeavours to aid in that process through dynamic content and timely topics in ISSA Journal's toolsmith. As well we know, those who would do harm never rest: protect your own.
Seek to be proactive, rather than reactive
Think creatively, but adhere to standards
Employ best practices
March's toolsmith features the Faraday IPE, an IDE for penetration testing designed for distribution, indexation, and analysis of the generated data during the process of a security audit (pentest) conducted with multiple users. In April, we'll discuss RAWR, designed to ease the process of the mapping, discovery, and reporting phases of an assessment with a focus primarily on web resources. The ISSA Journal is available to members in print and online at issa.org. Article copies are available on the toolsmith page. Award winning toolsmith offers insights on tools useful to the information security practitioner, typically open source and free.