SIP Project Description

This project will be a community centric website that brings the Information Security Industry together and offers resources in one central location rather than spread out across the Internet. Its main user population will be personnel already working in the Information Security Industry, but also have students in computer related fields, educators, and general public who are interested in the topic of network security. By providing news articles and company security release information in one place, personnel can stay up to date on the latest security issues with commonly used software.

The website will include a large discussion board broken down by topics to facilitate knowledge inside the community. The discussion boards will be broken down by categories that allow for more in depth discussions on subjects such as, digital forensics, network security (general), network security (policy), penetration testing, social engineering, vulnerability information, cybersecurity in the news, programming; broken down into the common languages such as C, C#, Python, Ruby, etc.), general discussion, off topic, and job postings.

The claim to innovation for this project is that fact that the Information Security field does not have a single place to visit on the Internet to obtain the information it requires or to have discussions with other personnel in the field. Being in the field, security personnel have to visit over 50 webpages to obtain information that is required on a daily or weekly basis. Job postings are spread out over many different job boards and recruiting agencies, and community discussions happen on either Twitter or Reddit. Asking other Information Security professionals how they feel about all of this searching around on the Internet, the conclusion is always the same “I wish there was one place on the Internet that I could go to in order to get this information I need”.

Future endeavors after the successful implementation of the webpage include a challenge site for network security personnel to practice their vulnerability testing skills without fear of repercussion. A bug bounty program would be instituted for the webpage in order to stay up informed of security problems on the webpage while providing security personnel the opportunity to use their skills in a white-hat setting with the possibility of earning rewards based on the vulnerability disclosed.

- Jon