| Organization | Description |
|---|---|
| SANS | SysAdmin, Audit, Network, Security (SANS) Institute resources are largely free upon request and include:The Internet Storm Center – the popular internet early warning systemNewsBites, the weekly digest of news articles about computer security.@RISK, the weekly digest of newly discovered attack vectors, vulnerabilities with active exploits, and explanations of how recent attacks workedFlash security alertsReading Room – more than 1,200 award-winning, original research papers.SANS also develops security courses. |
| Mitre | The Mitre Corporation maintains a list of common vulnerabilities and exposures (CVE) used by prominent security organizations. |
| FIRST | Forum of Incident Response and Security Teams (FIRST) is a security organization that brings together a variety of computer security incident response teams from government, commercial, and educational organizations to foster cooperation and coordination in information sharing, incident prevention and rapid reaction. |
| SecurityNewsWire | A security news portal that aggregates the latest breaking news pertaining to alerts, exploits, and vulnerabilities. |
| (ISC)2 | International Information Systems Security Certification Consortium (ISC2) provides vendor neutral education products and career services to more than 75,000+ industry professionals in more than 135 countries. |
| CIS | The Center for Internet Security (CIS) is a focal point for cyber threat prevention, protection, response, and recovery for state, local, tribal, and territorial (SLTT) governments through the Multi-State Information Sharing and Analysis Center (MS-ISAC). The MS-ISAC offers 24×7 cyber threat warnings and advisories, vulnerability identification, and mitigation and incident response. |
To remain effective, a network security professional must:
- Keep abreast of the latest threats – This includes subscribing to real-time feeds regarding threats, routinely perusing security-related websites, following security blogs and podcasts, and more.
- Continue to upgrade skills – This includes attending security-related training, workshops, and conferences.
Note: Network security has a very steep learning curve and requires a commitment to continuous professional development.
