Find us on
 |
 |
 |
 |
 |
Past Programs
 |
Keynote: Securing IT in Healthcare: Part III |
 |
Keynote: SITH3, Technology-Enabled Remote Monitoring and Support |
 |
Intersection of mHealth and Behavioral Health |
Newsletter
ISTS Information Pamphlet
One important goal of IRIA’s research efforts is to reduce the number of cyber-attacks and related electronic crimes that happen in the first place, thus reducing both the damage to infrastructure elements and the investigative burden on law enforcement personnel. Vulnerability scanners, intrusion-detection systems, and firewalls can help achieve this goal. Although IRIA does not develop commercial versions of such products in-house, it has undertaken an evaluation and certification effort to identify and encourage the use of the best products. Initially, IRIA is focusing on vulnerability scanners, and certifying those scanners that successfully detect the vulnerabilities from the recently updated SANS Top 20 list.
In early 2003, SANS coordinated a detailed enhancement to its Top 20 list. The enhancement included specifications for verification of detection for each vulnerability on the SANS/FBI Top 20 List. These specifications are essentially the same verification details that the IRIA evaluation / certification project was to provide for the Top 20 List. Therefore, IRIA chose not to duplicate this effort and the work on the project was stopped. The modest amount of time that would have been devoted to the project was used to develop enhancements to the Security in the News article-collection and entry tools.
