Saturday, August 27, 2005

Thoughts on NSA IAM Course

Today I finished the NSA INFOSEC Assessment Methodology (IAM) class taught by two great instructors from EDS and hosted in the beautiful Nortel PEC building in Fairfax, VA. I attended because the rate offered by EDS through my local ISSA-NoVA chapter was an incredible bargain. I did not realize prior to the class that NSA posts the exact slides used to teach the course online.

The course was much more applicable to my line of work than I realized. I've decided to apply the methodology to the assessments I perform on customer network security monitoring / intrusion detection / prevention operations. Rather than use my own methodology, I plan to use the IAM system to perform hands-off assessments of the operations customers conduct to detect intrusions. I will be performing one of these assessments in the near future, so I look forward to applying lessons from IAM to this consulting work.

I am scheduled to attend the two-day INFOSEC Evaluation Methodology (IEM) class next month through ISSA-NoVA again. The IEM is a hands-on affair where technical means are used to discover vulnerabilities.

No comments: