lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 31 Dec 2007 13:13:28 -0800 (PST)
From: secreview <secreview@...hmail.com>
To: full-disclosure@...ts.grok.org.uk
Subject: [Professional IT Security Providers - Exposed]
	QuietMove ( D - )

QuiteMove, located at http://www.quitemove.com is a small Professional
IT Security Services Provider that offers Training services, Incident
Response Services, Web Application Security Services and Penetration
Testing Services. QuiteMove was started by Adam Munter in 2006 along
with Jeffrey Rassas, and James Garvey, Jr. You can read their mission
statement here "http://www.mywikibiz.com/Directory:QuietMove" (but its
pretty basic).When reviewing the QuiteMove website and people we were
not the least bit impressed. The QuiteMove website is packed full of
grammatical errors and many of the services don't even have
descriptions. The services that do have descriptions are very poorly
written and very poorly defined. Take a look at their Penetration
Testing service offering as an example. If you want to see an example
of no content check out their Social Engineering offering.Since we were
unable to extract anything useful from the materials provided to us by
QuiteMove we decided to focus on the talent behind QuietMove.
Unfortunately we were equally unimpressed. The only technically
oriented team members that we were able to identify within QuietMove
were Adam Munter, who is a founder and Marcin Wielgoszewsk, who is a
very "green" consultant. Seeing as Adam Munter is being positioned as
the technical visionary for QuietMove, we decided to focus on him and
not on Marcin.Adam's Linkedin Bio: http://tinyurl.com/yt9j2yAs it turns
out Adam Munter worked for Accuvant, a company that competes directly
with Adam's QuietMove; prior to founding QuietMove. Adam's role at
Accuvant was to lead consultants on IT Security Engagements for large
orginazations. In conjunction with this, Adam also spoke at
conferences. He worked here for 1 year and 1 month.Prior to working for
Accuvant, Adam worked for Pegasus Solutions Inc. as the acting Chief
Security Officer. Pegasus is the largest hotel reservation distribution
system vendor and a major vendor of Hotel Management systems. Adam did
get some Sarbanes Oxley work under his belt as he helped Pegasus to
successfully "marshall" through their first audit. Adam also initiated
the program to help get Pegasus to be Visa CISP compliant, including
evaluating and changing their handling of payment Cardholder data. He
worked here for 2 years and 1 month.From August 2000 to January 2003
Adam was a "Founding member of IBM's Ethical Hacking Center of
Competency." His responsibilities included being a technical
interviewer for new hires, a Penetration Testing Subject Matter Expert,
and the performance of consulting engagements for clients ranging from
midsize companies and government agencies to the fortune 500. Adam
worked for IBM for 2 years and 6 months.So if we add up the relevant
experience that Adam has had according to his linked in bio we get 1
year and 1 month + 2 years and 6 months, which is a grand total of 3
years and 7 months of professional IT Security Consulting Experience.
Not sure about our readers, but to us at Secreview that hardly makes
Adam an IT Security Expert.But wait, now we have a
discrepancy...According to the QuietMove website, Adam "has over 14
years of experience in information security, software, and product R&D
with 8 years being dedicated solely to security." His QuietMove bio
goes on to say "Adam’s particular talents include penetration testing
of web and binary applications, networks, systems, and SCADA, “social
engineering” and physical penetration of facilities, and in developing
professional services offerings." This just doesn't add up.Anyway,
remember we didn't set out to bash anyone here, but Adam/QuietMove put
himself/themselves in the line of fire. QuietMove appears to be a very
small and disorganized shop. Their website is half-assed and incomplete
and we can't say anything better about their talent profile. We suggest
that QuietMove complete their website and review their talent profile,
then we'll set out to do another review and see if they score better.
As of right now, we can't give them more than a D-. We'll keep an eye
on their website and redo this review if they ever fix their
issues.Score Card (Click to Enlarge)

--
Posted By secreview to Professional IT Security Providers - Exposed at
12/31/2007 11:32:00 AM
Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ