lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 02 Jan 2008 01:04:42 +0100
From: Martin Zimmermann <mdz@...hest.com>
To: secreview <secreview@...hmail.com>, 
	"full-disclosure@...ts.grok.org.uk >> full-disclosure"
	<full-disclosure@...ts.grok.org.uk>
Subject: Re: [Professional IT Security Providers -
 Exposed] QuietMove ( D - )

Nice try, but....



Adding, spelling and content sucks. Do better research next time.

So thats; 2 try's, 2 Fails, 0 passed on your reviews.

/See me after class..

Hugz



secreview skrev:
> QuiteMove, located at http://www.quitemove.com <www.quietmove.com> is
> a small Professional IT Security Services Provider that offers
> Training services, Incident Response Services, Web Application
> Security Services and Penetration Testing Services. QuiteMove was
> started by Adam Munter in 2006 along with Jeffrey Rassas, and James
> Garvey, Jr. You can read their mission statement here
> "http://www.mywikibiz.com/Directory:QuietMove" (but its pretty basic).
>
> When reviewing the QuiteMove website and people we were not the least
> bit impressed. The QuiteMove website is packed full of grammatical
> errors and many of the services don't even have descriptions. The
> services that do have descriptions are very poorly written and very
> poorly defined. Take a look at their Penetration Testing service
> offering as an example. If you want to see an example of no content
> check out their Social Engineering offering.
>
> Since we were unable to extract anything useful from the materials
> provided to us by QuiteMove we decided to focus on the talent behind
> QuietMove. Unfortunately we were equally unimpressed. The only
> technically oriented team members that we were able to identify within
> QuietMove were Adam Munter, who is a founder and Marcin Wielgoszewsk,
> who is a very "green" consultant. Seeing as Adam Munter is being
> positioned as the technical visionary for QuietMove, we decided to
> focus on him and not on Marcin.
>
> Adam's Linkedin Bio: http://tinyurl.com/yt9j2y
>
> As it turns out Adam Munter worked for Accuvant, a company that
> competes directly with Adam's QuietMove; prior to founding QuietMove.
> Adam's role at Accuvant was to lead consultants on IT Security
> Engagements for large orginazations. In conjunction with this, Adam
> also spoke at conferences. He worked here for 1 year and 1 month.
>
> Prior to working for Accuvant, Adam worked for Pegasus Solutions Inc.
> as the acting Chief Security Officer. Pegasus is the largest hotel
> reservation distribution system vendor and a major vendor of Hotel
> Management systems. Adam did get some Sarbanes Oxley work under his
> belt as he helped Pegasus to successfully "marshall" through their
> first audit. Adam also initiated the program to help get Pegasus to be
> Visa CISP compliant, including evaluating and changing their handling
> of payment Cardholder data. He worked here for 2 years and 1 month.
>
> From August 2000 to January 2003 Adam was a "Founding member of IBM's
> Ethical Hacking Center of Competency." His responsibilities included
> being a technical interviewer for new hires, a Penetration Testing
> Subject Matter Expert, and the performance of consulting engagements
> for clients ranging from midsize companies and government agencies to
> the fortune 500. Adam worked for IBM for 2 years and 6 months.
>
> So if we add up the relevant experience that Adam has had according to
> his linked in bio we get 1 year and 1 month + 2 years and 6 months,
> which is a grand total of 3 years and 7 months of professional IT
> Security Consulting Experience. Not sure about our readers, but to us
> at Secreview that hardly makes Adam an IT Security Expert.
>
> But wait, now we have a discrepancy...
>
> According to the QuietMove website, Adam "has over 14 years of
> experience in information security, software, and product R&D with 8
> years being dedicated solely to security." His QuietMove bio goes on
> to say "Adam’s particular talents include penetration testing of web
> and binary applications, networks, systems, and SCADA, “social
> engineering” and physical penetration of facilities, and in developing
> professional services offerings."
>
> This just doesn't add up.
>
> Anyway, remember we didn't set out to bash anyone here, but
> Adam/QuietMove put himself/themselves in the line of fire. QuietMove
> appears to be a very small and disorganized shop. Their website is
> half-assed and incomplete and we can't say anything better about their
> talent profile. We suggest that QuietMove complete their website and
> review their talent profile, then we'll set out to do another review
> and see if they score better. As of right now, we can't give them more
> than a D-. We'll keep an eye on their website and redo this review if
> they ever fix their issues.
>
>
> Score Card (Click to Enlarge)
> <http://bp1.blogger.com/_VcwqM25xL9M/R3lFJMGqVQI/AAAAAAAAAB8/up18_GDuZ8c/s1600-h/Y022OY.jpeg>
>
>
> --
> Posted By secreview to Professional IT Security Providers - Exposed
> <http://secreview.blogspot.com/2007/12/quietmove-d.html> at 12/31/2007
> 11:32:00 AM
> ------------------------------------------------------------------------
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

-- 

View Martin Dipo Zimmermann's profile on LinkedIn
<http://www.linkedin.com/in/mdzdk>


”If you think technology is gonna solve your security problems, then you
dont understand your problems, and you dont understand the technology..”
Bruce Schneier
 
-----BEGIN PGP SIGNATURE-----
mdz@...hest.com
http://www.prohest.com
Version: GnuPG v1.4.7
Primary key fingerprint:  BDB3 A681 67AC 4D2D 8A62 D1EC 64D1 531B 81B5 4B5A
-----END PGP SIGNATURE-----
 
"Never believe anything until it's officially denied."
Claud Cockburn


<http://www.shirtcity.com/myshirtshop/merchandising/513218/t-shirtshop.html>




---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 080101-0, 01-01-2008
Tested on: 02-01-2008 01:04:42
avast! - copyright (c) 1988-2008 ALWIL Software.
http://www.avast.com



Content of type "text/html" skipped

Download attachment "Fail drphilfailfl3.jpg" of type "image/jpeg" (86290 bytes)

Download attachment "Prohest.jpg" of type "image/jpeg" (2255 bytes)

Download attachment "btn_linkedin_120x30.gif" of type "image/gif" (2153 bytes)

Download attachment "5715cced16aa18d396862d33b7ea34c1.jpg" of type "image/jpeg" (11076 bytes)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ