So, you've got your heart set on a career in IT security but don't know where to start or how to get there. Firstly, congratulations on making one of the best career decisions, with IT security being one of the most sought after professions. To help you navigate the world of IT Security and get you informed of your options, we've put together this handy guide which covers everything you need to know before you start on your career journey.

The Security Portal for Information System Security Professionals

Incidents.org is a virtual organization of advanced intrusion detection analysts, forensics experts and incident handlers from across the globe. The organization's mission is to provide real time "threat-driven" security intelligence and support to organizations and individuals.

SecurityTracker is a service that helps you to keep track of the latest security vulnerabilites. We monitor a wide variety of Internet sources for reports of new vulnerabilities in Internet software and/or services. We provide our users with a timely and reliable source for vulnerability notification.

The SANS (System Administration, Networking, and Security) Institute is a cooperative research and education organization through which more than 156,000 security professionals, auditors, system administrators, and network administrators share the lessons they are learning and find solutions to the challenges they face. SANS was founded in 1989.

The core of the Institute is the many security practitioners in government agencies, corporations, and universities around the world who invest hundreds of hours each year in research and teaching to help the entire SANS community.

Welcome to the SANS Institute's Information Security Reading Room, featuring over 1300 articles in 63 different categories.

DShield.org is an attempt to collect data about cracker activity from all over the internet. This data will be cataloged and summarized. It can be used to discover trends in activity and prepare better firewall rules. Right now, the system is tailored to simple packet filters. As firewall systems that produce easy to parse packet filter logs are now available for most operating systems, this data can be submitted and used without much effort. More complex patterns, such as are used by application level firewalls may be handled in the future.

The people who comprise NEOHAPSIS are consultants with diverse backgrounds in the world of network and security consulting. We have years of experience working in the publishing, healthcare, advertising, financial, and manufacturing industries. Our consultants have traditionally come from scientific labs, VARs, Internet Service Providers, and much larger consulting firms. In varied environments we have implemented high-availability (HA) architectures, network management & monitoring systems, Y2K testing & remediation, IBM (SNA) host gateways, remote access solutions, NOS platform conversions, disaster recovery plans, and security policies.

HackerWatch is a 'neighborhood watch' for the Internet age. Our mission and goal at HackerWatch is simple:

- collect as much firewall data as possible
- determine patterns from the attacks submitted
- identify and stop the hacker attempts & unwanted traffic

It's as simple as that... By combining the data submitted by thousands of separate sources or users over the Internet, we can detect patterns that would otherwise go unseen. We're developing a system that incorporates intelligent agent software that will combine the voices of thousands of individual users into a single authoritative source to quite simply - take action!

Computer Incident Advisory Capability Website

The CIAC Website provides an extensive, comprehensive resource for diverse computer security issues. These resources are presented in various forms and topics and are available to the public as well as the DOE community.

- Information Bulletins are distributed electronically, notifying registered sites of computer security vulnerabilities and recommended actions. A self-subscribing mailing list to the Bulletins publications is available free to the public.

- The Virus Database contains descriptions, information and effects of numerous PC computer viruses and Trojans. Viruses affecting DOS, Windows, Macintosh and Amigas are also included.

- The Internet Hoaxes page describes many of the hoax warnings that are found on the Internet today.

- CIAC Chain Letters are a collection of popular chain letters currently circulating the internet.

- The Security Tools webpage provides a listing of useful tools available as well as links to public domain or free security and anti-virus software tools on the Internet.

The Objective Authority in Computer Security

Located in Reston, Va., ICSA is known worldwide as the objective source for security assurance services. Established in 1989 as an independent corporation, ICSA has successfully led the security industry in the development of high quality security products through product certification programs and in establishing better security practices through management of multiple security-focused consortia. ICSA currently has offices and partners in North America, South America, Europe, Asia and Australia.

ICSA is completely independent. Each day, ICSA shares vital security information with security product manufacturers, developers, security experts, academia and corporations. ICSA integrates the information from these sources to create and advance commercial computer security, its effective implementation as well as the use of appropriate security products, policies, techniques and procedures. This broad base of expertise is then integrated into a methodology of continuous security assurance used to develop TruSecure.

McAfeee Virus Information Library

More than 40,000 viruses exist today to threaten the life of your computer. McAfee's Virus Information Library has detailed information on thousands of viruses, including where they come from, how they infect your system, and how to remove them. It's one of the most widely used resources on PC viruses in the world.

Symantec's AntiVirus Research Center

SARC is committed to providing swift, global responses to computer virus threats, proactively researching and developing technologies that eliminate such threats and educating the public on safe computing practices.