Reports
Reports detail methodologies and products that the Information Assurance (IA) at the National Security Agency has tested to ensure hardened security. These include event log monitoring, guidance, and mitigation information.
-
From section:
Reports
Inspection and Sanitization Guidance for Cascading Style Sheets
The purpose of this document is to provide guidance for the development of a sanitization and analysis software tool for Cascading Style Sheets (CSS), which may exist within or external to HyperText Markup Language (HTML) documents.
01 March 2012 58 page(s) pdf
-
From section:
Reports
Inspection and Sanitization Guidance for Bitmap File Format
The purpose of this document is to provide guidance for the development of a sanitization and analysis software tool for the Bitmap (BMP) images as defined in the Microsoft Developer Network Bitmap Reference. It provides inspection and analysis on various elements that are contained within the BMP file structure and how they can be a cause for concern for either...
01 March 2012 43 page(s) pdf
-
From section:
Reports
Security Guidance for the use of XML Schema 1.0/1.1 and RELAX NG
This document provides guidance for creating Extensible Markup Language (XML) Schemas and Regular Language for XML Next Generation (RELAX NG) schemas that can be used to describe the format and contents of XML documents being transferred between security domains. The risk of transferring invalid or unauthorized XML data into or out of a sensitive security domain can be reduced by...
11 May 2011 98 page(s) pdf
-
From section:
Reports
Inspection and Sanitization Guidance for Portable Document Format
The purpose of this document is to provide guidance for the development of a sanitization and analysis software tool for the Portable Document Format (PDF). It provides inspection and analysis on various elements and objects that are contained within the PDF file structure and how they can be a cause for concern for either hiding sensitive data or attempts to...
02 May 2011 241 page(s) pdf
-
From section:
Reports
Security Highlights of Windows 7
This guide highlights many of the new security features in Windows 7, just one of the many commercial operating systems available.
06 October 2010 2 page(s) pdf
-
From section:
Reports
Inspection and Sanitization Guidance for Microsoft Office 2003
This Inspection and Sanitization Guidance for Microsoft Office 2003® document provides guidance and specifications for developing file inspection and sanitization software for Microsoft Office 2003 files (i.e., word processing, presentation, and spreadsheet documents).
17 August 2010 196 page(s) pdf
-
From section:
Reports
Application Whitelisting using Software Restriction Policies (version 1.1)
Software Restriction Policies (SRP) enables administrators to control which applications are allowed to run on Microsoft Windows. SRP is a feature of Windows XP and later operating systems. It can be configured as a local computer policy or as domain policy using Group Policy with Windows Server 2003 domains and later. Using this guide, administrators can configure SRP to prevent...
01 August 2010 19 page(s) pdf
-
From section:
Reports
Defense in Depth
This paper provides an overview of the major elements of the strategy and provides links to resources that provide additional insight.
12 March 2010 5 page(s) pdf
Top