lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.64.0712311624460.5975@matrix.coldrain.net>
Date: Mon, 31 Dec 2007 16:29:02 -0500 (EST)
From: Bob Bruen <bruen@...drain.net>
To: secreview <secreview@...hmail.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: [Professional IT Security Providers -
 Exposed] QuietMove ( D - )


Well, I guess this settles how you should be judged.
Spelling is hard, especially when complaining about somebody else.

Is it quitemove.com or quietmove.com? Not quite, eh?

           -- bob


On Mon, 31 Dec 2007, secreview wrote:

> QuiteMove, located at http://www.quitemove.com is a small Professional
> IT Security Services Provider that offers Training services, Incident
> Response Services, Web Application Security Services and Penetration
> Testing Services. QuiteMove was started by Adam Munter in 2006 along
> with Jeffrey Rassas, and James Garvey, Jr. You can read their mission
> statement here "http://www.mywikibiz.com/Directory:QuietMove" (but its
> pretty basic).When reviewing the QuiteMove website and people we were
> not the least bit impressed. The QuiteMove website is packed full of
> grammatical errors and many of the services don't even have
> descriptions. The services that do have descriptions are very poorly
> written and very poorly defined. Take a look at their Penetration
> Testing service offering as an example. If you want to see an example
> of no content check out their Social Engineering offering.Since we were
> unable to extract anything useful from the materials provided to us by
> QuiteMove we decided to focus on the talent behind QuietMove.
> Unfortunately we were equally unimpressed. The only technically
> oriented team members that we were able to identify within QuietMove
> were Adam Munter, who is a founder and Marcin Wielgoszewsk, who is a
> very "green" consultant. Seeing as Adam Munter is being positioned as
> the technical visionary for QuietMove, we decided to focus on him and
> not on Marcin.Adam's Linkedin Bio: http://tinyurl.com/yt9j2yAs it turns
> out Adam Munter worked for Accuvant, a company that competes directly
> with Adam's QuietMove; prior to founding QuietMove. Adam's role at
> Accuvant was to lead consultants on IT Security Engagements for large
> orginazations. In conjunction with this, Adam also spoke at
> conferences. He worked here for 1 year and 1 month.Prior to working for
> Accuvant, Adam worked for Pegasus Solutions Inc. as the acting Chief
> Security Officer. Pegasus is the largest hotel reservation distribution
> system vendor and a major vendor of Hotel Management systems. Adam did
> get some Sarbanes Oxley work under his belt as he helped Pegasus to
> successfully "marshall" through their first audit. Adam also initiated
> the program to help get Pegasus to be Visa CISP compliant, including
> evaluating and changing their handling of payment Cardholder data. He
> worked here for 2 years and 1 month.From August 2000 to January 2003
> Adam was a "Founding member of IBM's Ethical Hacking Center of
> Competency." His responsibilities included being a technical
> interviewer for new hires, a Penetration Testing Subject Matter Expert,
> and the performance of consulting engagements for clients ranging from
> midsize companies and government agencies to the fortune 500. Adam
> worked for IBM for 2 years and 6 months.So if we add up the relevant
> experience that Adam has had according to his linked in bio we get 1
> year and 1 month + 2 years and 6 months, which is a grand total of 3
> years and 7 months of professional IT Security Consulting Experience.
> Not sure about our readers, but to us at Secreview that hardly makes
> Adam an IT Security Expert.But wait, now we have a
> discrepancy...According to the QuietMove website, Adam "has over 14
> years of experience in information security, software, and product R&D
> with 8 years being dedicated solely to security." His QuietMove bio
> goes on to say "Adam’s particular talents include penetration testing
> of web and binary applications, networks, systems, and SCADA, “social
> engineering” and physical penetration of facilities, and in developing
> professional services offerings." This just doesn't add up.Anyway,
> remember we didn't set out to bash anyone here, but Adam/QuietMove put
> himself/themselves in the line of fire. QuietMove appears to be a very
> small and disorganized shop. Their website is half-assed and incomplete
> and we can't say anything better about their talent profile. We suggest
> that QuietMove complete their website and review their talent profile,
> then we'll set out to do another review and see if they score better.
> As of right now, we can't give them more than a D-. We'll keep an eye
> on their website and redo this review if they ever fix their
> issues.Score Card (Click to Enlarge)
>
> --
> Posted By secreview to Professional IT Security Providers - Exposed at
> 12/31/2007 11:32:00 AM

-- 
Dr. Robert Bruen
Cold Rain Knujon
http://coldrain.net
http://knujon.com
+1.802.579.6288

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ