All Resources

Akamai :: Real-time Web Monitor
http://www.akamai.com/html/technology/dataviz1.html

Akamai monitors global Internet conditions around the clock. With this real-time data we identify the global regions with the greatest attack traffic, cities with the slowest Web connections (latency), and geographic areas with the most Web traffic (traffic density).

AnubisNetworks :: Cyberfeed
http://globe.cyberfeed.net/

Live global botnet visualizer

Apache Hadoop
http://hadoop.apache.org/

Apache Hadoop Homepage

Apache Hive
https://cwiki.apache.org/confluence/display/Hive/LanguageManual

Apache Hive Query Language Manual

Apache Tomcat
http://tomcat.apache.org/

Apache Tomcat Homepage

Arbor Networks :: Digital Attack Map
http://www.digitalattackmap.com/

Top daily DDoS attacks worldwide

AVG ThreatLabs
http://www.avgthreatlabs.com/

Not sure if a website's safe? Look up any website - Check its reputation - See what others say

BrightCloud URL / IP Lookup
http://www.brightcloud.com/tools/url-ip-lookup.php

Presents historical reputation data about the website

BrightTALK
https://www.brighttalk.com/channel/188/governance-risk-and-compliance

Increasing expectations for good governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance. Their thought leadership will provide you with practical advice on how to implement successful GRC strategies and processes for your organization.

California SB 1386 Personal information: privacy.
http://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=200120020SB1386

This bill, operative July 1, 2003, would require a state agency, or a person or business that conducts business in California, that owns or licenses computerized data that includes personal information, as defined, to disclose in specified ways, any breach of the security of the data, as defined, to any resident of California whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person.

CAPEC
http://capec.mitre.org/

Common Attack Pattern Enumeration and Classification - A Community Resource for Identifying and Understanding Attacks

CareerBuilder :: Security Engineer Jobs
http://www.careerbuilder.com/jobs/keyword/security-engineer/

Search of Security Engineer jobs at CareerBuilder.com

Cisco Sender Base
http://www.senderbase.org/

Presents historical reputation data about the website

Common Vulnerabilities and Exposures
http://cve.mitre.org/

International in scope and free for public use, CVE is a dictionary of publicly known information security vulnerabilities and exposures.

Comodo Web Inspector
http://app.webinspector.com/

Examines the URL in real-time

Compliance Week
http://www.complianceweek.com/

A Weekly Newsletter On Corporate Governance, Risk And Compliance

Computer Network Defense Ltd. :: Security Wizardry Radar
http://www.securitywizardry.com/radar.htm

The "Computer Network Defence Operational Picture", better known as The Radar Page has proved extremely popular, especially during periods of heightened tension where we experience hit rates of 12K/hour. It is a useful resource that illustrates all of the latest Information Security Threats and News, updated by staff in Europe and the US. The Radar Page is always complete with live information as it develops.

ComputerWorld
http://www.computerworld.com/

Computerworld is a source of technology news and information for IT influencers worldwide providing in-depth technical analysis on key products, solutions, and technologies for sound buying decisions and business gain.

CVE
http://cve.mitre.org/

Common Vulnerabilities and Exposures - The Standard for Information Security Vulnerability Names

CybOX
http://cybox.mitre.org/

Cyber Observable eXpression - A Structured Language for Cyber Observables

Cymon
https://cymon.io/

Presents data from various threat intel feeds

Data Center Research
http://www.datacenterresearch.com/

DCR is an online service designed to provide its users with easier access to data center related research. Tracking relevant articles and reports from all the leading global industry news sources (media, research firms/analysts, bloggers and more), DCR offers users a convenient, 'one-stop-shop' portal that features thousands of industry relevant white papers and re-sell reports from the top research/analyst firms, and publishers working within the data center and hosting space.

DataLossDB
http://datalossdb.org/

DataLossDB is a research project aimed at documenting known and reported data loss incidents world-wide.

Deepviz
https://search.deepviz.com/

Offers historical threat intel data about IPs, domains, etc.

Deutsche Telekom :: Current Cyber Attacks
http://www.sicherheitstacho.eu/?lang=en

This Portal shows statistics of the early warning system of Deutsche Telekom. The corresponding sensors are operated from Deutsche Telekom and Partners. Attacks on the different sensors (Honeypots) will be displayed in realtime on the world map. Additionally the countries are marked in relation of the overall number of attacks.

DMOZ
http://www.dmoz.org/

DMOZ is the largest, most comprehensive human-edited directory of the Web. It is constructed and maintained by a passionate, global community of volunteers editors. It was historically known as the Open Directory Project (ODP).

Enigma Software: Threat Database
http://www.enigmasoftware.com/threat-database/

Malware, Spyware and Trojan analysis and removal information.

EsperTech
http://esper.codehaus.org/

Esper and Event Processing Language (EPL) provide a highly scalable, memory-efficient, in-memory computing, SQL-standard, minimal latency, real-time streaming-capable Big Data processing engine for historical data, or medium to high-velocity data and high-variety data.

eWeek
http://www.eweek.com/

Since 1983, eWEEK has been a trusted information resource in the IT industry, delivering technology news, in-depth analysis of enterprise IT trends, and reviews of new products. Originally called PC Week.

FBI Cyber's Most Wanted
http://www.fbi.gov/wanted/cyber

Wanted by the FBI. FBI Cyber's Most Wanted

FortiGuard URL / IP Lookup
http://fortiguard.com/iprep

Displays the URL's history and category

F-Secure Sample Analysis System
https://analysis.f-secure.com/portal/login.html

Submit suspicious files or URLs to F-Secure Labs for analysis. Please note that you will not get a reply or scan results for samples submitted anonymously.

Health Information Technology for Economic and Clinical Health Act
http://en.wikipedia.org/wiki/Health_Information_Technology_for_Economic_and_Clinical_Health_Act

top management must individually certify the accuracy of financial information.

Health Insurance Portability and Accountability Act
http://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act

An Act To amend the Internal Revenue Code of 1986 to improve portability and continuity of health insurance coverage in the group and individual markets, to combat waste, fraud, and abuse in health insurance and health care delivery, to promote the use of medical savings accounts, to improve access to long-term care services and coverage, to simplify the administration of health insurance, and for other purposes.

Honeynet Project :: HoneyMap
http://map.honeynet.org/



IBM X-Force Exchange
https://exchange.xforce.ibmcloud.com/

Search by Application Name, IP address, URL, Vulnerability, MD5...

Identity Theft Resource Center
http://idtheftcenter.org/

Identity Theft Resource Center® (ITRC) is a nonprofit, nationally respected organization dedicated exclusively to the understanding and prevention of identity theft. The ITRC provides consumer and victim support as well as public education. The ITRC also advises governmental agencies, legislators, law enforcement, and businesses about the evolving and growing problem of identity theft.

Indeed :: Security Engineer Jobs
http://www.indeed.com/q-security-engineer-jobs.html

Search of Security Engineer jobs at Indeed.com

InfoWorld
http://www.infoworld.com/

InfoWorld is a leading source of information on emerging enterprise technologies.

Internet Crime Complaint Center (IC3)
http://www.ic3.gov/

The IC3 accepts online Internet crime complaints from either the actual victim or from a third party to the complainant. The Internet Crime Complaint Center (IC3) is a partnership between the Federal Bureau of Investigation (FBI), and the National White Collar Crime Center (NW3C).

Internet Exchange Points
http://www.datacentermap.com/ixps.html

Data Center Map is a free web service acting as the link between providers and clients in the data center industry, making it easier for clients to find potential providers matching their needs. The service focuses on colocation and IP transit, but also covers a lot of other data center services such as wholesale space, dedicated servers, remote hands, internet exchanges and much more.

IPVoid
http://ipvoid.com/

IPVoid is a free service used to scan an IP address through multiple DNS-based blacklists and IP reputation services, to facilitate the detection of IP addresses involved in malware incidents and spamming activities.

Is It Hacked
http://www.isithacked.com/

Will check to see if a site is cloaked to GoogleBot, has spammy links, funny redirects, or otherwise appears to be hacked. Works on Joomla, Drupal, WordPress, Magento, Prestashop, Laravel, Codeigniter, Symfony or any other backend technologies.

Is It Phishing
http://isitphishing.org/

Assesses the specified URL in real-time

Joe Sandbox URL Analyzer
https://www.url-analyzer.net/

Free Automated Malware Analysis - Url Analyzer

Junk Email Filter
http://www.junkemailfilter.com/

Front end spam filtering and virus blocking service for your existing email server.

Kaspersky :: CyberThreat Real-Time Map
http://cybermap.kaspersky.com/



Kroll
http://www.kroll.com/en-us/compliance

Kroll is the market leading provider of solutions that help clients comply with the myriad of anti-money laundering (AML) and anti-bribery and corruption (AB&C) regulations worldwide. Through a combination of in-depth subject matter expertise, global research capabilities, and flexible technology tools Kroll can help clients.

Logic Manager
http://www.logicmanager.com/

All-in-One ERM Software.

The Methodology, Software, and Support You Need to Manage Tomorrow's Surprises Today®

MAEC
http://maec.mitre.org/

Malware Attribute Enumeration and Characterization - A Structured Language for Attribute-Based Malware Characterization

Malware Domain List
http://www.malwaredomainlist.com/

Looks up recently-reported malicious websites

Malware Experts
http://www.malwareexperts.com/

MalwareExperts is a passionate, dedicated group of computer security professionals with over 30 years of computer security experience under our belts. We have devoted our lives (our spouses are not happy about this) to helping current and past victims of Malware.

Malware URL
http://www.malwareurl.com/listing-urls.php

Check a suspicious web site or IP address against a database of known malicious websites

MapR
http://www.mapr.com/

MapR Homepage

Massachusetts 201 CMR 17.00 statute
http://en.wikipedia.org/wiki/201_CMR_17.00

Requires that any companies or persons who store or use personal information (PI) about a Massachusetts resident develop a written, regularly audited plan to protect personal information.

Monster :: Security Engineer Jobs
http://jobs.monster.com/v-security-q-security-engineer-jobs.aspx

Search of Security Engineer jobs at Monster.com

MxToolbox
http://mxtoolbox.com/blacklists.aspx

The blacklist check will test a mail server IP address or domain against over 100 DNS based email blacklists

NetworkWorld: Compliance & Regulation
http://www.networkworld.com/topics/compliance.html

Compliance news, analysis, research, how-to, opinion, and video.

Norse Corp :: Dark Intelligence
http://map.ipviking.com/



Norton Safe Web
http://safeweb.norton.com/

Look up a site. Get our rating.

numbrX Security Beat
http://www.numbrx.net/

numbrX keeps an online record of reported personal, private and confidential data breaches which can lead to identity theft and credit fraud.

Open Compliance & Ethics Group
http://www.oceg.org/

OCEG is the only nonprofit offering comprehensive guidance, standards, benchmarks and tools for integrating governance, risk and compliance (GRC) processes. Our unique platform and organizational structure helps you take advantage of contributions from thousands of experts and companies - many of them just like yours. Our guidance, benchmarking, custom tools and communities of practice help you perform - not just comply. OCEG offers value you can exploit today, tomorrow and as your company grows.

Open Threat Exchange
https://otx.alienvault.com/browse/pulses/

At the heart of Open Threat Exchange is the pulse, an investigation of an online threat. Pulses describe any type of online threat including malware, fraud campaigns, and even state sponsored hacking.
Pulses are comprised of indicators of compromise (or IoCs), which describe the infrastructure of that threat - including IPs, file hashes, e-mail addresses affiliated with the threat, etc.

OVAL
http://oval.mitre.org/

Open Vulnerability and Assessment Language - A Community-Developed Language for Determining Vulnerability and Configuration Issues on Computer Systems

Payment Card Industry Data Security Standard
http://en.wikipedia.org/wiki/PCI_DSS

The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards.

PayScale :: Security Engineer Salary Metrics
http://www.payscale.com/research/US/Job=Security_Engineer/Salary

Security Engineer salary metrics at PayScale.com

PhishTank
http://www.phishtank.com/

Looks up the URL in its database of known phishing websites

Pivotal
http://www.gopivotal.com/

Pivotal Homepage

Privacy Rights Clearinghouse
http://www.privacyrights.org/ar/ChronDataBreaches.htm

A Chronology of Data Breaches

Project Honey Pot
http://www.projecthoneypot.org/

Project Honey Pot is the first and only distributed system for identifying spammers and the spambots they use to scrape addresses from websites.

RabbitMQ
http://www.rabbitmq.com/

RabbitMQ Homepage

Recorded Future :: Cyber Crime Speculation
https://www.recordedfuture.com/rf/share.jsp?st=1zvQHO&fmt=entityview&sharecode=70afba695c7e3bd1&ou=https://www.recordedfuture.com/rf/s/6tnRcD

Cyber crime speculation and key dates the rest of the year.

Recorded Future: Intelligence Analysis
https://www.recordedfuture.com/blog/

Open source intelligence analysis using Recorded Future.

Reputation Authority
http://www.reputationauthority.org/

Has your reputation been compromised? Check your Domain/IP behavior score

RSA Archer
https://www.rsa.com/en-us/products-services/governance-risk-compliance

Harness Risk, Fuel Your Enterprise

In today's competitive market, risks are changing dramatically and are increasingly more complex. RSA Archer empowers organizations to manage multiple dimensions of risk on one configurable, integrated platform.

RSA Security Analytics
http://sadocs.emc.com/

RSA Security Analytics Documentation

SalaryList :: Security Engineer Salaries
http://www.salarylist.com/jobs/Security-Engineer-Salary.htm

List of Security Engineer salaries at SalaryList.com

Sarbanes-Oxley Act
http://en.wikipedia.org/wiki/Sarbanes-Oxley_Act

top management must individually certify the accuracy of financial information.

SecurityFocus: BugTraq
http://www.securityfocus.com/archive/1

BugTraq is a high volume, full disclosure mailing list for the detailed discussion and announcement of computer security vulnerabilities. BugTraq serves as the cornerstone of the Internet-wide security community.

SecurityFocus: Vulnerabilities
http://www.securityfocus.com/vulnerabilities

The SecurityFocus Vulnerability Database provides security professionals with the most up-to-date information on vulnerabilities for all platforms and services.

SimplyHired :: Security Engineer Jobs
http://www.simplyhired.com/k-security-engineer-jobs.html

Search of Security Engineer jobs at SimplyHired.com

Sophos :: Threat Dashboard
http://www.sophos.com/en-us/threat-center/threat-monitoring/threatdashboard.aspx

Our SophosLabs analysts monitor and research malware, spam and web threats as they happen, around the globe. We collect what we know in these dashboards, and update them constantly as we detect new threats. You'll find threats itemized by country, volume and prevalence.

Spam and Open Relay Blocking System (SORBS)
http://www.sorbs.net/

The SORBS (Spam and Open Relay Blocking System) provides free access to its DNS-based Block List (DNSBL) to effectively block email from more than 12 million host servers known to disseminate spam, phishing attacks and other forms of malicious email. The list typically includes email servers suspected of sending or relaying spam, servers that have been hacked and hijacked, and those with Trojan infestations. In an attempt to provide preemptive protection, SORBS also lists servers with dynamically allocated IP addresses.

Spamhaus
http://www.spamhaus.org/

Spamhaus maintains a number of security intelligence databases and realtime spam-blocking databases ('DNSBLs') responsible for keeping back the vast majority of spam and malware sent out on the Internet. These include the Spamhaus Block List (SBL), the Exploits Block List (XBL), the Policy Block List (PBL) and the Domain Block List (DBL). Spamhaus DNSBLs are today used by the majority of the Internet's Email Service Providers, Corporations, Universities, Governments and Military networks.

STIX
http://stix.mitre.org/

Structured Threat Information eXpression - A Structured Language for Cyber Threat Intelligence Information

Submarine Cable Map
http://www.submarinecablemap.com/

The Submarine Cable Map is a free resource from TeleGeography. Data contained in this map is drawn from the Global Bandwidth Research Service and is updated on a regular basis.

Sucuri SiteCheck
https://sitecheck.sucuri.net/

Free Website Malware and Security Scanner

TAXII
http://taxii.mitre.org/

Trusted Automated eXchange of Indicator Information - Enabling Cyber Threat Information Exchange

ThreatMiner
https://www.threatminer.org/

Search for Domains, IPs, MD5|SHA1|SHA256, email address or ssl, user-agent, AV Family, Filename, URI, Registry, and MUTEX

Trend Micro :: Global Botnet Threat Activity Map
http://www.trendmicro.com/us/security-intelligence/current-threat-activity/global-botnet-map/index.html

Trend Micro continuously monitors malicious network activities to identify command-and-control (C&C) servers and help increase protection against botnet attacks. The real-time map below indicates the locations of C&C servers and victimized computers they control that have been discovered in the previous six hours.

Trend Micro Site Safety Center
https://global.sitesafety.trendmicro.com/

One of the largest domain-reputation databases in the world

United States Computer Emergency Readiness Team (US-CERT)
http://www.us-cert.gov/

The United States Computer Emergency Readiness Team (US-CERT) is a partnership between the Department of Homeland Security and the public and private sectors. Established in 2003 to protect the nation's Internet infrastructure, US-CERT coordinates defense against and responses to cyber attacks across the nation.

United States Department of Homeland Security
http://www.dhs.gov/index.shtm

Homeland Security leverages resources within federal, state, and local governments, coordinating the transition of multiple agencies and programs into a single, integrated agency focused on protecting the American people and their homeland. More than 87,000 different governmental jurisdictions at the federal, state, and local level have homeland security responsibilities. The comprehensive national strategy seeks to develop a complementary system connecting all levels of government without duplicating effort. Homeland Security is truly a "national mission."

United States House of Representatives
http://www.house.gov/

United States House of Representatives Homepage

United States Senate
http://www.senate.gov/

United States Senate Homepage

United States White House Signed Legislation
http://www.whitehouse.gov/briefing-room/signed-legislation

Current list of United States legislation signed into law.

Unmask Parasites
http://www.unmaskparasites.com/security-report/

Scan a web page for hidden illicit content (invisible spam links, malicious scripts and redirects), in the Google Safe Browsing Site Status database

URL Query
http://urlquery.net/

A service for detecting and analyzing web-based malware. It provides detailed information about the activities a browser does while visiting a site and presents the information for further analysis

URLVoid
http://urlvoid.com/

URLVoid is a free service that analyzes a website through multiple blacklist engines and online reputation tools to facilitate the detection of fraudulent and malicious websites. This service helps you to identify websites involved in malware incidents, fraudulent activities and phishing websites.

VerSprite
http://www.versprite.com/grc.php

Today's Governance, Risk, Compliance (GRC) challenges lie with stifled workflows. VerSprite's hybrid methodology fosters sustainable and repeatable GRC processes that work.

Virus Total
https://www.virustotal.com/

VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.

vURL
https://vurldissect.co.uk/

This service is completely free and allows you to view the source code within a webpage without your having to visit the site itself. In addition to this, options have been provided to view all links within a page for those of you that wish to do so

Web of Trust (WOT)
https://www.mywot.com/

WOT is a free add-on for your browser. WOT displays a colored traffic light next to website links to show you which sites people trust for safe searching, surfing and shopping online: green for good, red for bad, and yellow as a warning to be cautious. The icons are shown in popular search engine results, social media, online email, shortened URL's, and lots of other sites.

Web Page Speed Test
http://www.dotcom-monitor.com/WebTools/website-speed-test.aspx

Instantly test your website speed in real browsers from 20 locations worldwide

WebPulse Site Review
https://sitereview.bluecoat.com/sitereview.jsp

Check the current URL categorization of a website in the WebPulse (BlueCoat) URL ratings database

Websense Security Labs
http://securitylabs.websense.com/

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security research methods miss.

Yandex Safe Site Search
http://yandex.com/infected?l10n=en&url=8.8.8.8

Follow the above link, change the IP and search Yandex.
Yandex is one of the largest internet companies in Europe, operating Russia's most popular search engine and its most visited website. According to LiveInternet, as of December 2013, Yandex generated 61.9% of all search traffic in Russia. Yandex also operate in Ukraine, Kazakhstan, Belarus and Turkey.

Zscaler Zulu URL Risk Analyzer
http://zulu.zscaler.com/

Examines a URL using real-time and historical techniques