Thursday, December 27, 2007

NIST May Urge Federal Agencies to Conduct Penetration Attacks

Jack Rogers writes on SC Magazine US:

In the final draft of its upcoming security guidelines for protecting federal information systems, the National Institute of Standards and Technology (NIST) is recommending that federal agencies conduct regular penetration tests to determine whether their networks can be breached.

The NIST draft guidelines, which will be published next March, suggest that federal agencies “should consider adding controlled penetration testing to their arsenal of tools and techniques used to assess the security controls” in their information systems.

NIST recommends that government agencies train selected personnel in penetration testing tools and techniques, which should be updated on a regular basis to address newly discovered exploitable vulnerabilities.

More here.

0 Comments:

Post a Comment

<< Home