TSOM 4.1.1 Available

Tivoli Security Operations Manager V4.1.1 is now available. To download this updated release, support-entitled customers should access the Passport Advantage Customer download site.

Tivoli Security Operations Manager V4.1.1 has been updated to include the following:

Additional Platform Support

* Added Windows 2003 SP2 64
* Added Red Hat Linux 5.x


* Tivoli Change and Configuration Management Database integration via Tivoli Application Dependency Database Manager
* IBM Tivoli License Manager Support
* IBM Support Assistant Support

New Capabilities / Enhancements

* IPv6 Tolerance
* LDAP Authentication
* Compliance Reports for PCI


Bill Cosby likes my first Computer

My dad got one of these for Father’s Day when I was 6. It was the TI-99/4A. I still have it and it still works.

Free Incident Management Courses

EMI replaced its Incident Command System (ICS) curricula with courses that meet the requirements specified in the National Incident Management System (NIMS). EMI developed the new courses collaboratively with the National Wildfire Coordinating Group (NWCG), the United States Fire Administration and the United States Department of Agriculture.

The goods can be found on FEMA’s website (Yes, that FEMA). Over on Securosis.com, Rich thinks it’s pretty good:

Although I haven’t written much about it on the blog (just the occasional post), one area I talk a lot about is incident response and disaster management, translating my experiences as a 9-1-1 and disaster responder into useful business principles. I’m frequently asked where people can get management level training on incident management. While SANS and others have some technology-oriented incident response courses, the best management level training out there is from FEMA.

Yes, that FEMA.

For no cost you can take some of their Incident Command Systems (ICS) courses online. I highly recommend ICS 100 and ICS 200 for anyone interested in the topic. No, not all of it will apply, but the fundamental principles are designed for ANY kind of incident of ANY scale. If nothing else, it will get you thinking.

DEFCON 16: List of tools and stuff released

DEFCON, the 9000+ attendee hacker conference in Vegas, has become a sort of hydra conference. It has become more like a global fair than what most people think of as a conference; even the badge is highly unique.

I say this because there are so many things to do at DEFCON, other than going to talks, that you could spend your whole weekend looking at the “World’s Largest Boar!”, so to speak. One of the CTF (Capture the Flag) contest winners this year actually exclaimed that he only made it to 2 talks in 12 years! I am also one of those individuals who barely get a chance to go to talks and now that the speaker pool is so diverse, it’s hard to find all of the “stuff” they release.

Before anyone has a chance to post “it’s all on the DEFCON CD dummy,” I want to challenge them to try. After a weekend of googling (which came back with few results) and making contact with some of the speakers, I provide you with a mostly accurate list of “stuff” that was released at DEFCON this year. If any of the information is inaccurate, or a tool is missing, please contact me and I will update this post.

Posted by Ryan Naraine at ZDnet.

Comment on the Yellow Book (no, not the yellow pages)
This letter transmits the exposure draft of the Government Accountability Office (GAO) Federal Information System Controls Audit Manual (FISCAM) for your review and comment. The FISCAM presents a methodology for performing information system (IS) control audits of federal and other governmental entities in accordance with professional standards, and was originally issued in January 1999. We have updated the FISCAM for significant changes affecting IS audits.

The exposure draft revisions reflect changes in (1) technology used by government entities, (2) audit guidance and control criteria issued by the National Institute of Standards and Technology (NIST), and (3) generally accepted government auditing standards (GAGAS), as presented in Government Auditing Standards (also known as the “Yellow Book”). The Federal Information System Controls Audit Manual (FISCAM) provides a methodology for performing information system (IS) control audits in accordance with GAGAS. However, at the discretion of the auditor, this manual may be applied on other than GAGAS audits. As defined in GAGAS, IS controls consist of those internal controls that are dependent on information systems processing and include general controls and application controls. This manual focuses on evaluating the effectiveness of such general and application controls. This manual is intended for both auditors, to assist them in understanding the work done by IS controls specialists, and IS controls specialists, to plan and perform the IS controls audit.

In addition, the FISCAM is consistent with the GAO/PCIE Financial Audit Manual (FAM). Also, the FISCAM control activities are consistent with and have been mapped to the NIST Special Publication 800-53.

Instructions for Commenting on the Exposure Draft

The exposure draft of FISCAM is available only in electronic form at http://www.gao.gov/cgi-bin/getrpt?rptno=GAO-08-1029G on GAO’s Web page. We request comments from federal audit officials, CIOs, financial managers, the public accounting profession, and other interested parties. Please associate your comments with specific references to section, paragraph, and page number. Also, please provide the rationale for your comments and proposed changes, along with suggested revised language. Please send your comments electronically to FISCAM@gao.gov no later than September 5, 2008.

We anticipate that the final version of FISCAM will be issued in the fall of 2008 for use in conducting fiscal year 2009 federal financial statement audits.

Here’s the PDF for your review, and here’s a PowerPoint outlining all the changes.