The Web    Google
CERT, ArcSight Partner With 3 Universities On Security Sharing

CERT, ArcSight Partner With 3 Universities On Security Sharing
August 1, 2003

Security software vendor ArcSight is joining the CERT Coordination Center to assist in implementing the Cyber Security Information Sharing Project, a partnership intended to provide a secure information sharing environment across a community of organizations.

Three universities will be selected to be a part of the effort with ArcSight and CERT/CC. Interested universities are invited to contact ArcSight by writing to

Larry Lunetta, vice president and marketing and business development for ArcSight, said his firm is trying to jump start the idea of information sharing within communities.

"The idea has not really taken off as much as experts would have liked," he says. The reasons include the differing standards for exchanging security messages.

To bring more clarity to that effort, ArcSight has committed to have its Distributed Security Architecture support the draft IETF standards for exchanging security messages. These are the IDMEF and IODEF formats, based on XML. IDMEF is device-centric, while IDMEF includes more information about the context of the security message.

Some information sharing is happening within the financial services industries, but ArcSight is hoping to extend to the university community via the value added by the partnership with CERT/CC.

"We need to move forward," says Hugh Njemanze, CTO and co-founder of ArcSight. "There is a lot we can learn by the effort to put this into practice."

ArcSight provides security risk management software known for event aggregation, real time analysis, incident investigation and reporting. The CERT/CC, based at Carnegie Mellon University's Software Engineering Institute in Pittsburgh, provides technical advice, coordinates responses to security compromises and identifies trends in intruder activity.

  • 4/22: Kelvir-R Trojan Hits IM Contacts
  • 10/12: Forbot-BD Runs in Background
  • Confidence Online 2.0 Guards Against Online Identity Theft
  • Single Network Identity: Holy Grail or Nightmare?
  • Chinese Virus Crises Mean Trouble for U.S.
  • MFPs ?An Overlooked Security Risk
  • Viruses Gearing up For The Smart Set
  • 2/2: Symbos_Locknut-A Hits Symbian Devices
  • 11/10: Mydoom-AE Worm Links to Servers
  • Securiant Aims Appliance at Small, Medium Businesses
  • 2/25: Randex-CST Worm Targets Passwords
  • Security Camera Industry Information