Government Security
Network Security Resources

Jump to content

Photo

Audit Program


  • Please log in to reply
2 replies to this topic

#1 cb122

cb122

    Private First Class

  • Members
  • 37 posts

Posted 18 February 2011 - 01:40 AM

Can anyone recommend a good audit program / benchmark for a corporate exchange setup to help identify security weaknesses?

And/or a pen testing framework that will list common/up to date security issues with email - and ways to mitigate them?

#2 Marts McFly

Marts McFly

    Second Lieutenant

  • Second Lieutenant
  • 591 posts

Posted 18 February 2011 - 08:07 PM

Do you/your company have a budget? You would be looking for an 'enterprise grade' vulnerability management system. QualysGuard recently won SCMagazine award for best vuln management system. There are also ones from McAfee, HP, IBM etc. I think even GFI might work for cheaper.

If you are looking for a linux alternativie, I think you would find it more painful than productive for exchange and update/policies.
Certified Information Systems Security Professional (CISSP)

T: http://twitter.com/Marts_McFly

B: http://www.backtosecurity.com

#3 beardednose

beardednose

    Retired GSO First Lieutenant

  • Sergeant Major
  • 1,916 posts

Posted 23 April 2011 - 02:47 AM

Auditnet.org is probably the best site for audit workplans (from an auditor standpoint, not a security/pentest standpoint). However, the site is not free, but you can get a 30-day trial for a level 1 account. A premium account gives you access to all content.

Annual fees:
Basic 30 Day Trial- Free
Basic (Individual only)- $18
Premium Individual (for one user)- $140
Don't post just a THANKS! Here's why...

Forum Rules you need to know...RuLeS




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users