NIST on Several Things
At the end of last week, NIST published four Draft Special Publications on e-mail security, intrusion detection and prevention, web services security, and cell phone forensics.
"This document provides detailed information on developing, implementing, and maintaining effective log management practices throughout an enterprise. It includes guidance on establishing a centralized log management infrastructure, which includes hardware, software, networks, and media. It also discusses the log management processes that should be put in place at an organization-wide level, including the definition of roles and responsibilities, the creation of feasible logging policies, and the division of responsibilities between system-level and organization-level administrators. Guidance is also provided on log management at the individual system level, such as configuring log generating sources, supporting logging operations, performing log data analysis, and managing long-term data storage."
BankInfoSecurity.com published the first part of an article (free registration required) which provides a general overview of the security investigation process, how it fits within the incident response process, the required preparation process, specific issues in banks that need to be considered and the relationship between this process and security intelligence activities.
Update 2006/4/27: Part two has been published.
This page contains an archive of all entries posted to never-ever-****-with-my.net in the Incident Response category. They are listed from newest to oldest.