Thought people would find this interesting. -----Original Message----- From: InfoSec News [mailto:isnat_private] Sent: Thursday, May 03, 2001 12:04 PM To: ISNat_private Subject: [ISN] Open Source Security Testing Methods Forwarded by: Dave Wreski <daveat_private> Recently I had an opportunity to speak with Pete Herzog, creator of the Open-Source Security Testing Methodology Manual, a project to make a thorough security test methodology for Internet security testing. In the interview, Pete describes the project, provides a bit on his background and reasons for writing the manual, and where to go for further information. "This manual is to set forth a standard for Internet security testing. Disregarding the credentials of many a security tester and focusing on the how, I present a solution to a problem which exists currently. Regardless of firm size, finance capital, and vendor backing, any network or security expert who meets the outline requirements in this manual is said to have completed a successful security snapshot. Not to say one cannot perform a test faster, more in depth, or of a different flavor. No, the tester following the methodology herein is said to have followed the standard model and therefore if nothing else, has been thorough." http://www.linuxsecurity.com/feature_stories/feature_story-85.html -- Dave Wreski Corporate Manager Guardian Digital, Inc. (201) 934-9230 Pioneering. Open Source. Security. daveat_private http://www.guardiandigital.com ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERVat_private with a message body of "SIGNOFF ISN".
This archive was generated by hypermail 2b30 : Mon May 07 2001 - 17:15:53 PDT