alt text

Information security and assurance for all, as one.

Welcome

Russ McRee's HolisticInfoSec.org is dedicated to sharing information security content and resources in an open, clear manner, with the hope of helping improve infosec for all who seek to do so. Information security is best broken down to the most simple components: best practices and common sense. The threat-scape facing an information security practitioner is perpetually dynamic; we must adapt and evolve as do those threats. Holisticinfosec.org endeavours to aid in that process through dynamic content and timely topics in ISSA Journal's toolsmith. As well we know, those who would do harm never rest: protect your own.

Practice simplicity

Seek to be proactive, rather than reactive

Think creatively, but adhere to standards

Employ best practices

March's toolsmith features the Faraday IPE, an IDE for penetration testing designed for distribution, indexation, and analysis of the generated data during the process of a security audit (pentest) conducted with multiple users. In April, we'll discuss RAWR, designed to ease the process of the mapping, discovery, and reporting phases of an assessment with a focus primarily on web resources. The ISSA Journal is available to members in print and online at issa.org. Article copies are available on the toolsmith page. Award winning toolsmith offers insights on tools useful to the information security practitioner, typically open source and free.

Congratulations to Josh Sokol and SimpleRisk, the 2014 Toolsmith Tool of the Year.