Domino Security Resources

Articles

  • Article: Testing Domino Applications. Written by Ari Elias-Bachrach, this article is the definitive source for information on testing Domino applications. It appear in (In)secure magazine issue 31 on page 64.

Presentations

White and Black Box Testing of Lotus Domino Applications was presented at AppSec DC 2010.

Useful Data

External Resources

  • Hackproofing Lotus Domino Server an article by David Litchfield from 2001, aimed at the security auditor.
  • Lotus Domino Security a whitepaper from 2002 by ISS X-force, also aimed at the administrator.
  • Lotus Security Handbook an IBM Redbook from 2004, it covers mostly general security principles and only covers Domino incidentally at the end. It's intended audience seems to be a Domino admin, network admin, or network architect working with Domino.
  • Securing a Lotus Domino Server an article from 2005 by IBM, aimed at the administrator.

Tools

These tools are being listed only as a resource. I have not used any of these tools and this is not an endorsement of any of them.