security standards
Formal Specifications
CVSS-SIG: Common Vulnerability Scoring System - Special Interest Group
CVE: Common Vulnerability Enumeration
CWE: Common Weakness Enumeration
CPE: Common Platform Enumeration
CVRF: Common Vulnerability Reporting Framework
U.S. Government Information
Federal
everyspec.com (self-explanatory)
NSA @ the Federation of American Scientists
GSA Authorized Postal Couriers
Online Guide to Security Responsibilities
Department of the Navy Information Security Program
Slides on Marking Classified Information
Derivative Classification
Cybersecurity and Oversight of Information System Security Sample Course Syllabus
Commission to Assess the Threat to the United States from Electromagnetic Pulse (EMP) Attack
Guidelines on Mobile Device Forensics
Federal information security incident center
U.S.C. for the use of DNA identification information by law enforcement
NIST Test Personal Identity Verification (PIV) Cards - What Federal Contractors/Employees Use
Documentary Requirements for U.S.A. Travel
NATO Maritime Capabilities Group 6 USA Participation
National Communications System - FAQ
NRO Frequently Requested FOIA Requests
Released Records for Major NRO Programs and Projects
Intelligence Community (IC) Member Agencies List
Various Documents About Project 25, i.e. Emergency Responder Radio Communications)
Office of Emergency Communications SAFECOM
State
DE Cyber Security news
Military / DoD Documents
The DoD Defense Acquisition Guidebook at Defense Acquisition University
United States DoD/DoE/U.S.NCR/CIA National Industrial Security Program operating manual
Navy
NOST OPSEC
Communication and Satellite Programs
Electronic Warfare Programs
Nuclear Warfare Programs
Introduction to NATO Security Briefings
Communication and Satellite Programs
Department of the Navy Information Security Program
Department of the Navy Information Security Program
DoD
DoD Issurance Standard
DoD Information Security Program: Marking of Classified Information
Weapons and Sensors Slides
Chemical, Biological, Radiological and Nuclear Consequence Management
Cybersecurity-Related Policies and Issuances Developed by the DoD
Industrial Security Program Cases
Online Guide to Security Responsibilities
Slides on Marking Classified Information
Army
In The Dark: Military Planning for a Catastrophic Critical Infrastructure Event
Helicopter Landing Zone Operations Handout
Other
Questionnaire for National Security Positions
DoD ID Card Reference Center
Department of Defense DEERS Enrollment and ID Card Issuance
Declassified Documents
Bin Laden's Bookshelf
NRO Frequently Requested FOIA Requests
Practical Usage
Full Disclosure Policy (RFPolicy) v2.0
Information Security Bookshelf
IT Security Database: collects OVAL (Open Vulnerability Assessment Language) definitions from several sources
CVE Vulnerability Database: Supports RSS, embeddable widgets and JSON
CVE Search at Circl
cve-search software, api and data feeds.
PCI-SSC
Pentest Standard
BCP38 is RFC2827: Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing
RFC3833: Threat Analysis of DNS
RFC4870: Domain-Based Email Authentication Using Public Keys Advertised in the DNS (DomainKeys)
RFC7258: Pervasive Monitoring Is an Attack
Team Cymru: Internet Security Research with Insight
UNIX IP Stack Tuning Guide v2.7
Secure BIND Template Version 7.3
FIRST: Forum for Incident Response and Security Teams
DNS DDoS - "Let's use a long-term solution"
DDOS prevention - how to restrict queries to hint (root) zones?
DNS Response Rate Limiting
Java EE Security API Specification Mailing Lists
Patents
IBM Patent for Tracking People via RFID
Non-Infosec Standards
Technical Information
IETF (Internet Engineering Task Force)
IETF Internet-Draft Mirror Sites
IETF DataTracker
ANTLRv4 is a powerful parser generator supporting: Java, C#, Python, JavaScript, C++
Adding a Linux System Call
IPv6 Address Types
The Java™ API for RESTful Web Services
Technical Committee T10
Guidelines for 64-bit Global Identifier (EUI-64) General
Spam -- Controlling Unsolicited Bulk EMail
BIN Database Lookups, other anti-fraud, etc.
Bank Identification Number (BIN) List
Exact BIN Database
bankinfosecurity.asia
From the U.K. & Elsewhere in Europe
British Government Archives Produced by Internet Memory Foundation
W3C Validation
