|
|
 |
| New User, Welcome! Login |
Mastering Trust in Security Assessments
| From: |
Pete Herzog <lists isecom org> |
| To: |
bugtraq securityfocus com |
| Cc: |
|
| Subject: |
Mastering Trust in Security Assessments |
| Date: |
Thu - May 20, 2010 11:40 AM |
Hi,
ISECOM has been working on improving and replacing risk analysis,
assessments and management with trust. Our research has shown dramatic
improvements from using a trust model based on fact over risk models.
OSSTMM 3 (www.osstmm.org) outlines much of this already and I am
beginning to address this at various conferences.
Mastering trust has many benefits for security testing including
improved social engineering, improved attack trees, and improved
competitive intelligence gathering. Additionally, mastering the
ability to see through phishing, scams, PR smoke screens, lies, and
other deceptive practices also has the inverse of teaching how to
improve stealth, cons, and fraud for your security tests.
A basic version of our Mastering Trust seminar presentation is
available here:
http://www.isecom.com/events/Mastering_Trust_Sampler.pdf
Enjoy!
-pete.
--
Pete Herzog - Managing Director - pete@isecom.org
ISECOM - Institute for Security and Open Methodologies
www.isecom.org - www.osstmm.org
www.hackerhighschool.org - www.badpeopleproject.org
|
|
|
Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!
