Forwarded by: Dave Wreski <dave@guardiandigital.com>
Recently I had an opportunity to speak with Pete Herzog, creator of
the Open-Source Security Testing Methodology Manual, a project to make
a thorough security test methodology for Internet security testing.
In the interview, Pete describes the project, provides a bit on his
background and reasons for writing the manual, and where to go for
further information.
"This manual is to set forth a standard for Internet security testing.
Disregarding the credentials of many a security tester and focusing on
the how, I present a solution to a problem which exists currently.
Regardless of firm size, finance capital, and vendor backing, any
network or security expert who meets the outline requirements in this
manual is said to have completed a successful security snapshot. Not
to say one cannot perform a test faster, more in depth, or of a
different flavor. No, the tester following the methodology herein is
said to have followed the standard model and therefore if nothing
else, has been thorough."
http://www.linuxsecurity.com/feature_stories/feature_story-85.html
--
Dave Wreski
Corporate Manager Guardian Digital, Inc.
(201) 934-9230 Pioneering. Open Source. Security.
dave_at_guardiandigital.com http://www.guardiandigital.com
ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV@SecurityFocus.com with a message body of
"SIGNOFF ISN".
Received on Fri May 4 07:22 CDT 2001