| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 20 May 2010 20:17:40 +0200 From: Pete Herzog <lists@...com.org> To: bugtraq@...urityfocus.com Subject: Mastering Trust in Security Assessments Hi, ISECOM has been working on improving and replacing risk analysis, assessments and management with trust. Our research has shown dramatic improvements from using a trust model based on fact over risk models. OSSTMM 3 (www.osstmm.org) outlines much of this already and I am beginning to address this at various conferences. Mastering trust has many benefits for security testing including improved social engineering, improved attack trees, and improved competitive intelligence gathering. Additionally, mastering the ability to see through phishing, scams, PR smoke screens, lies, and other deceptive practices also has the inverse of teaching how to improve stealth, cons, and fraud for your security tests. A basic version of our Mastering Trust seminar presentation is available here: http://www.isecom.com/events/Mastering_Trust_Sampler.pdf Enjoy! -pete. -- Pete Herzog - Managing Director - pete@...com.org ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.badpeopleproject.org
Powered by blists - more mailing lists