12 useful websites for IT security From Microsoft and Cisco to the National Institute of Standards and Technology, we look at some of the most useful IT security websites Ellen Messmer December 10, 2012 Network World US Share Twitter Facebook LinkedIn Whether it's dealing with Cisco, Microsoft and VMware-based networks or with open source tools, or perhaps just learning more about IT security, these websites all offer information you may need. 1. Whether it's dealing with Cisco, Microsoft and VMware-based networks or with open source tools, or perhaps just learning more about IT security, these websites all offer information you may need. 2. SourceForge SourceForge has a section for open source security tools that seems almost endless. 3. VMware If your organisation has widely deployed VMware's virtualisation platform, it's important to understand and keep up with security issues. In terms of VMware's own information, check out the VMware Security and Compliance Blog and the VMware Security Advisories, Certifications and Guides. 4. Cloud Security Alliance Trying to get a grasp of security in the cloud can feel like chasing one, but look into the resources at Cloud Security Alliance, the group with a strong user focus that can help you figure out if the wind is blowing in the right direction among cloud vendors. 5. National Institute of Standards and Technology The federal government's National Institute of Standards and Technology (NIST) plays a large role in setting IT security requirements that impact everything on the network, with a new emphasis on mobile and cloud-based computing, found at its Computer Security Resource Center in the Computer Security Division. 6. Cisco Design Zone for Security If yours is a Cisco-based network, Cisco's Design Zone for Security provides in-depth information related to application performance, branch/WAN, campus, data centers and much more. 7. Google Android Security Group Feel like just hanging out and talking about security related to Google Android devices? Check out Google's Android Security Group, where questions get asked online and crowdsourced. 8. Microsoft Security Advisories Microsoft puts out security bulletins when something related to its products and services really goes awry, but it's also worth following Microsoft Security Advisories, which also tackle security issues of importance. 9. Gartner Want to hear some of the latest thinking from Gartner security wonks? Check out the Gartner Blog Network, where you’ll find blogs from Gartner's Neil MacDonald, Avivah Litan, Dan Blum and Jay Heiser, among others. 10. PCI Security Standards Council If your organisation accepts payment cards, then it has to follow the network security rules of the PCI Security Standards Council. To find out what that might mean, check out the Merchants section at the council's website. 11. Privacy Rights Clearinghouse Privacy Rights Clearinghouse is a nonprofit corporation based in San Diego whose website provides clear advice mainly for consumers with questions about workplace computer and phone monitoring, identity theft, privacy of medical records and more. 12. The Nmap Project The Nmap Project of open source developers has a website listing its picks for the "125 Top Security Tools," which can be found at sectools.org. 13. Packet Storm Packet Storm is a nonprofit organisation whose site offers timely updates on security issues as well as a wide range of open source security tools, such as Hydra.