id="info"

Question

Locked

Potential Security Risks of integrating software add-in requests;

By boucaria ·
I test add-ins/Add-ons, just about any extra component which is usually free, but may have security issues on the network.
In the Add-in committee I work with, the chair-person has asked if I would look around for information under the rubric of:

"I am looking for respected documentations and views that support the belief that software add-ins can pose a threat to a network infrastructure when not properly scrutinized and analyzed, especially when the add-in which one believes he or she is installing turns out be imbedded[embedded] with malicious code."

Anyway, its not as easy as it seems since while the point is a given in most cases, trying to get documents to support this contention to management, is harder; can you help with any references? I am in a State govt IT dept, and so the budget is zip. And thus far, I just wish I had a Lexis Nexis account, and people have agreed.
Anyway, if you have any good IEEE or similar sort of articles ( well argued with references) I would appreciate it.

This conversation is currently closed to new comments.

2 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Potential Security Risks of integrating software add-in requests

by boucaria In reply to Potential Security Risks ...

Most of the material I have found so far has been from nist.org ,and then from CERIAS at Purdue, in the Sucure IT Practices section; None of this material is specifically about Add-ins in the academic/more detailed sense, but it has detailed material on principles about the area.
Any help still appreciated.

Back to Security Forum
2 total posts (Page 1 of 1)  

Security Forums