Network & Web Application Security Tools

The CISO (Columbia University Information Security Office) Security group uses various tools for

• network security, log consolidation and monitoring
• web application security; tools for
  • port scanning,
  • dynamic application review
  • static code review
• mitigating risk associated with loss of sensitive information (SSN, and other PII); tools
  •  SSN discovery and remediation
  • full disk encryption
  • encrypting email attachments
  • application white-listing

The CISO Security group also offers consulting, investigative and security advisory services.

• Security consulting - CISO Security group contributes to projects by participating at critical points in the project implementation life-cycle (SDLC). It also documents Standard operating environment guidelines for applications, databases and Operating Systems.
• Investigative services - CISO Security group assists various groups, like CU Department of Public Safety, across campus in their investigations.

Advisory services - CISO Security group also provides security-related advisory services to various groups across campus by conducting trainings, etc.