Global Compendium on Network Forensics and Vulnerabilities

From ITUwiki

This was a placeholder for the Global Compendium on Network Forensics and Vulnerabilities that has largely been moved to the work of ITU-T Q.14/17 Rapporteur Group (Cybersecurity). This site will be maintained for an indefinite period for historical legacy purposes, but will not be maintained with current information.

Some of the most important and rapidly evolving components of cybersecurity involve the trusted acquisition, analysis, tagging, and exchange of network forensics and vulnerabilities. This activity in the context of the cybersecurity ecosystem is shown below in the red highlighted areas.

The term "network forensics" in this context is used broadly, and encompasses: 1) the protection of national and global network infrastructure and services against both intentional and unintentional harm, 2) support for law enforcement and security authorities pursuant to law and 3)information necessary for effective network management and services operations and maintenance, All three of these activities involve similar capabilities, and form the subdivisions in the divisions of the compendium, below.

This Compendium is subdivided into the following major divisions. The substantive material is found in the first two sections and divided into: 1) Platforms and 2) Frameworks. The general idea is to distinguish exchange protocols that can be generally used by everyone, from the higher level administrative provisions and guidelines.

• 1. Forensic and Vulnerability Exchange Platforms

• 2. Trusted Forensic and Vulnerability Exchange Frameworks

• 3. Network Forensic and Vulnerability Organizations

• 4. Network Forensic and Vulnerability Calendar of Activities

• 5. Network Forensic and Vulnerability History