I just got word that InfoSec Island published an interview with a
company that uses the OSSTMM for security tests. He explains why they
use it and what it means for them.
Mike starts the article: "While re-addressing the OSSTMM and its
application/usefulness in my firm's business, I wanted to gain the
perspective of a company that's been using the OSSTMM for some time.
More specifically, I wanted to know if that company's clients have
seen a measurable improvement in their information security programs,
since that is our overall goal, right?"
It's a nice follow-up to the OSSTMM overview Mike posted earlier and I
think it answers some of the things we get asked all the time at ISECOM.
--
Pete Herzog - Managing Director - pete (at) isecom (dot) org [email concealed]
ISECOM - Institute for Security and Open Methodologies
www.isecom.org - www.osstmm.org
www.hackerhighschool.org - www.badpeopleproject.org
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
I just got word that InfoSec Island published an interview with a
company that uses the OSSTMM for security tests. He explains why they
use it and what it means for them.
Mike starts the article: "While re-addressing the OSSTMM and its
application/usefulness in my firm's business, I wanted to gain the
perspective of a company that's been using the OSSTMM for some time.
More specifically, I wanted to know if that company's clients have
seen a measurable improvement in their information security programs,
since that is our overall goal, right?"
It's a nice follow-up to the OSSTMM overview Mike posted earlier and I
think it answers some of the things we get asked all the time at ISECOM.
https://www.infosecisland.com/blogview/8340-Implementing-OSSTMM-Strategi
es-Creates-Value.html
Sincerely,
-pete.
--
Pete Herzog - Managing Director - pete (at) isecom (dot) org [email concealed]
ISECOM - Institute for Security and Open Methodologies
www.isecom.org - www.osstmm.org
www.hackerhighschool.org - www.badpeopleproject.org
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
[ reply ]