lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 31 Dec 2007 16:29:02 -0500 (EST) From: Bob Bruen <bruen@...drain.net> To: secreview <secreview@...hmail.com> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: [Professional IT Security Providers - Exposed] QuietMove ( D - ) Well, I guess this settles how you should be judged. Spelling is hard, especially when complaining about somebody else. Is it quitemove.com or quietmove.com? Not quite, eh? -- bob On Mon, 31 Dec 2007, secreview wrote: > QuiteMove, located at http://www.quitemove.com is a small Professional > IT Security Services Provider that offers Training services, Incident > Response Services, Web Application Security Services and Penetration > Testing Services. QuiteMove was started by Adam Munter in 2006 along > with Jeffrey Rassas, and James Garvey, Jr. You can read their mission > statement here "http://www.mywikibiz.com/Directory:QuietMove" (but its > pretty basic).When reviewing the QuiteMove website and people we were > not the least bit impressed. The QuiteMove website is packed full of > grammatical errors and many of the services don't even have > descriptions. The services that do have descriptions are very poorly > written and very poorly defined. Take a look at their Penetration > Testing service offering as an example. If you want to see an example > of no content check out their Social Engineering offering.Since we were > unable to extract anything useful from the materials provided to us by > QuiteMove we decided to focus on the talent behind QuietMove. > Unfortunately we were equally unimpressed. The only technically > oriented team members that we were able to identify within QuietMove > were Adam Munter, who is a founder and Marcin Wielgoszewsk, who is a > very "green" consultant. Seeing as Adam Munter is being positioned as > the technical visionary for QuietMove, we decided to focus on him and > not on Marcin.Adam's Linkedin Bio: http://tinyurl.com/yt9j2yAs it turns > out Adam Munter worked for Accuvant, a company that competes directly > with Adam's QuietMove; prior to founding QuietMove. Adam's role at > Accuvant was to lead consultants on IT Security Engagements for large > orginazations. In conjunction with this, Adam also spoke at > conferences. He worked here for 1 year and 1 month.Prior to working for > Accuvant, Adam worked for Pegasus Solutions Inc. as the acting Chief > Security Officer. Pegasus is the largest hotel reservation distribution > system vendor and a major vendor of Hotel Management systems. Adam did > get some Sarbanes Oxley work under his belt as he helped Pegasus to > successfully "marshall" through their first audit. Adam also initiated > the program to help get Pegasus to be Visa CISP compliant, including > evaluating and changing their handling of payment Cardholder data. He > worked here for 2 years and 1 month.From August 2000 to January 2003 > Adam was a "Founding member of IBM's Ethical Hacking Center of > Competency." His responsibilities included being a technical > interviewer for new hires, a Penetration Testing Subject Matter Expert, > and the performance of consulting engagements for clients ranging from > midsize companies and government agencies to the fortune 500. Adam > worked for IBM for 2 years and 6 months.So if we add up the relevant > experience that Adam has had according to his linked in bio we get 1 > year and 1 month + 2 years and 6 months, which is a grand total of 3 > years and 7 months of professional IT Security Consulting Experience. > Not sure about our readers, but to us at Secreview that hardly makes > Adam an IT Security Expert.But wait, now we have a > discrepancy...According to the QuietMove website, Adam "has over 14 > years of experience in information security, software, and product R&D > with 8 years being dedicated solely to security." His QuietMove bio > goes on to say "Adam’s particular talents include penetration testing > of web and binary applications, networks, systems, and SCADA, “social > engineering” and physical penetration of facilities, and in developing > professional services offerings." This just doesn't add up.Anyway, > remember we didn't set out to bash anyone here, but Adam/QuietMove put > himself/themselves in the line of fire. QuietMove appears to be a very > small and disorganized shop. Their website is half-assed and incomplete > and we can't say anything better about their talent profile. We suggest > that QuietMove complete their website and review their talent profile, > then we'll set out to do another review and see if they score better. > As of right now, we can't give them more than a D-. We'll keep an eye > on their website and redo this review if they ever fix their > issues.Score Card (Click to Enlarge) > > -- > Posted By secreview to Professional IT Security Providers - Exposed at > 12/31/2007 11:32:00 AM -- Dr. Robert Bruen Cold Rain Knujon http://coldrain.net http://knujon.com +1.802.579.6288 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists