lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 1 Jan 2008 10:18:14 -0500
From: Adam Muntner <adam.muntner@...etmove.com>
To: Adam Muntner <adam.muntner@...etmove.com>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: [Professional IT Security Providers -
	Exposed] QuietMove ( secreview review: D- )

Before secreview jumps on them, apologies for the typos. Hard to type  
long email on touchscreen, on the train!

No hard feelings secreview. I apreciate the review. There is no such  
thing as bad press, and I had fun writing my witty and clever rejoinder.

Adam Muntner
Managing Partner
QuietMove, Inc.
Phone: 602-793-5969
Fax: 866-272-8194
http://www.quietmove.com

Sent from my iPhone

On Jan 1, 2008, at 10:04 AM, Adam Muntner <adam.muntner@...etmove.com>  
wrote:

> Your review gets a d-.
>
> You can't add. You can't spell. Your skills appear to be limited to  
> rudimentary use of a browser and linkedin.com. In combination with  
> your undeserved and unearned sense of self importance, pretty  
> pathetic.
>
> You spelled Marcin's last name wrong. Great use of linkedin.com. You  
> can't even cunt n paste. He interned for us last semester. He isn't  
> a front line consultant. So,you fail the ^c ^v and spelling  
> practical, as well as the investigative one. We have 2 other  
> consultants besides myself-they don't use linkedin and you didnt  
> find them. Our clients know our consultants. We don't post their  
> names on the website.
>
> F is for failure.
>
> As for my experience - I was also a the security officer for an at  
> the time publicly traded company for 2 years, the IT director of  
> 2 .com startups where security was my responsibility for several  
> years, and for the last 2 have been deeply involved with all  
> customer engagements.
> Prior to that I spent the 90s architecting, developing, and leading  
> developer teams.
> I hsve been pentesting since 98 and nearly nonstop since 2000. You  
> were what, 11 years old then? Clearly, basic arithmetic isn't a  
> strong point of yours, either. I suspect you spent the 90s in  
> grammar school. At lest you seemed to learn something there.
>
> On that note....
>
> Most of our clients are referred by others who are very satisfied  
> with the work we perform. Not by the website. It doesn't get a lot  
> of attention - were small but growing and focused on serving our  
> clients. I know basic HTML seems like the pinnacle of achievement to  
> you, but we aren't in the business of making pretty web pages. We  
> discuss our methodology with our clients-we don't post it on the  
> web. I know you were hoping to learn nimething. Hacking for dummies  
> might be more your speed, after you perfect your Cunt and Paste  
> skills.
>
> I took the plunge and started what is now a growing business nearly  
> 2 years ago, and we now serve 3 fortune 1000 clients, replacing much  
> larger firms, plus a good number of midsize clients. Being an  
> entrepreneur is a lot more challenging than being an anonymous  
> anklebite, though from your moms basement it might not seem that way.
>
> I'm heading to Manhattan for some R&R right now. If you are in the  
> vicinity let me know, I'll buy you a beer (if you're 21) and you can  
> meet me yourself and post a review or somthing.
>
> Don't take this wrong - consider it constructive criticism and try  
> harder next time. It's good to know we are recognized enough to be  
> noticed by the mighty, anonymous secreview. This might even double  
> our daily web traffic to 20 visitors. ;)
>
> Adam Muntner
> Managing Partner
> QuietMove, Inc.
> http://www.quietmove.com
>
> Sent from my iPhone
>
> On Dec 31, 2007, at 4:13 PM, secreview <secreview@...hmail.com> wrote:
>
>> QuiteMove, located at http://www.quitemove.com is a small  
>> Professional IT Security Services Provider that offers Training  
>> services, Incident Response Services, Web Application Security  
>> Services and Penetration Testing Services. QuiteMove was started by  
>> Adam Munter in 2006 along with Jeffrey Rassas, and James Garvey,  
>> Jr. You can read their mission statement here "http://www.mywikibiz.com/Directory:QuietMove 
>> " (but its pretty basic).
>>
>> When reviewing the QuiteMove website and people we were not the  
>> least bit impressed. The QuiteMove website is packed full of  
>> grammatical errors and many of the services don't even have  
>> descriptions. The services that do have descriptions are very  
>> poorly written and very poorly defined. Take a look at their  
>> Penetration Testing service offering as an example. If you want to  
>> see an example of no content check out their Social Engineering  
>> offering.
>>
>> Since we were unable to extract anything useful from the materials  
>> provided to us by QuiteMove we decided to focus on the talent  
>> behind QuietMove. Unfortunately we were equally unimpressed. The  
>> only technically oriented team members that we were able to  
>> identify within QuietMove were Adam Munter, who is a founder and  
>> Marcin Wielgoszewsk, who is a very "green" consultant. Seeing as  
>> Adam Munter is being positioned as the technical visionary for  
>> QuietMove, we decided to focus on him and not on Marcin.
>>
>> Adam's Linkedin Bio: http://tinyurl.com/yt9j2y
>>
>> As it turns out Adam Munter worked for Accuvant, a company that  
>> competes directly with Adam's QuietMove; prior to founding  
>> QuietMove. Adam's role at Accuvant was to lead consultants on IT  
>> Security Engagements for large orginazations. In conjunction with  
>> this, Adam also spoke at conferences. He worked here for 1 year and  
>> 1 month.
>>
>> Prior to working for Accuvant, Adam worked for Pegasus Solutions  
>> Inc. as the acting Chief Security Officer. Pegasus is the largest  
>> hotel reservation distribution system vendor and a major vendor of  
>> Hotel Management systems. Adam did get some Sarbanes Oxley work  
>> under his belt as he helped Pegasus to successfully "marshall"  
>> through their first audit. Adam also initiated the program to help  
>> get Pegasus to be Visa CISP compliant, including evaluating and  
>> changing their handling of payment Cardholder data. He worked here  
>> for 2 years and 1 month.
>>
>> From August 2000 to January 2003 Adam was a "Founding member of  
>> IBM's Ethical Hacking Center of Competency." His responsibilities  
>> included being a technical interviewer for new hires, a Penetration  
>> Testing Subject Matter Expert, and the performance of consulting  
>> engagements for clients ranging from midsize companies and  
>> government agencies to the fortune 500. Adam worked for IBM for 2  
>> years and 6 months.
>>
>> So if we add up the relevant experience that Adam has had according  
>> to his linked in bio we get 1 year and 1 month + 2 years and 6  
>> months, which is a grand total of 3 years and 7 months of  
>> professional IT Security Consulting Experience. Not sure about our  
>> readers, but to us at Secreview that hardly makes Adam an IT  
>> Security Expert.
>>
>> But wait, now we have a discrepancy...
>>
>> According to the QuietMove website, Adam "has over 14 years of  
>> experience in information security, software, and product R&D with  
>> 8 years being dedicated solely to security." His QuietMove bio goes  
>> on to say "Adam’s particular talents include penetration testing o 
>> f web and binary applications, networks, systems, and SCADA, “soci 
>> al engineering” and physical penetration of facilities, and in dev 
>> eloping professional services offerings."
>>
>> This just doesn't add up.
>>
>> Anyway, remember we didn't set out to bash anyone here, but Adam/ 
>> QuietMove put himself/themselves in the line of fire. QuietMove  
>> appears to be a very small and disorganized shop. Their website is  
>> half-assed and incomplete and we can't say anything better about  
>> their talent profile. We suggest that QuietMove complete their  
>> website and review their talent profile, then we'll set out to do  
>> another review and see if they score better. As of right now, we  
>> can't give them more than a D-. We'll keep an eye on their website  
>> and redo this review if they ever fix their issues.
>>
>>
>> Score Card (Click to Enlarge)
>>
>> --
>> Posted By secreview to Professional IT Security Providers - Exposed  
>> at 12/31/2007 11:32:00 AM
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ