Your Department

IT Security Lab

Mission:

The IT Security Laboratory’s mission is to test computer hardware and software for security vulnerabilities under the direction of the Information Technology Security Office. It will actively design, develop and implement computer and network security training materials, classes (in-person and online) to University technical and general users. It will act as a testing facility for cooperative research project between the Information Technology Security office and academic researchers. It will also provide testing services to external entities according to a fee schedule.

Goals and Objectives:

  1. Educational, Cybersecurity Research and Outreach programs
    1. Design, develop and provide technical training materials and courses to Virginia Tech system and network administrators.
    2. Design, develop and provide general user security awareness training materials under the direction of the IT Security Office.
    3. Provide academic and instructional support for graduate level computer and network security courses.
    4. Provide a Teaching and Research Facility for the NSA Center for Academic Excellence in Cybersecurity multi-disciplinary unit.
  2. Security Testing and Certification
    1. Review the security design issues for IT applications in a “pre-audit” capacity.
    2. Serve in partnership with the Center for Internet Security (CIS) as the testing site for certification of compliance of vendor security software with the CIS benchmarks.
    3. Develop methodologies for testing security of network capable devices. Create security guidelines for these devices
    4. Develop methodologies for testing security of Unix/Linux, Windows 2000, Windows XP, Macintosh systems.
    5. Develop and test computer forensic kits for computer intrusions.
    6. Develop and update computer and network minimum security standards for Unix/Linux, Windows, Apple and network devices.
    7. Work on security initiatives with SANS Institute, FBI, CIS, NSA and Federal and State agencies.
  3. Computer Incident Response Team  (CIRT) Initiatives
    1. Define Incident Response guidelines and procedures for the six phases of Computer Incident Response: preparation, detection, containment, eradication, recovery and follow-up.
    2. Coordinate with external CIRTS, law enforcement
    3. Work under the direction of the IT Security Office
  4. Professional Society, training conference participation

Related Links

Acceptable Use of Information Systems at VT

Computing.vt.edu
The one-stop computing resource site for VT

Antivirus.vt.edu
Virus protection software and downloads

Answers.vt.edu
Knowledge base with answers to common computing questions

VA SCAN
Virginias Alliance for Secure Computing site

EDUCAUSE
Computer and network security web site

Virginia Tech Policies/Compliance

Contact Information

Report a Violation
Report all violations to abuse@vt.edu