Linux Today: Linux News On Internet Time.

More on LinuxToday

NewsForge: Open Source Security Manual and Training for Ethical Hacking

Feb 22, 2003, 02:30 (0 Talkback[s])
(Other stories by Tina Gasperson)

WEBINAR: On-demand webcast

How to Boost Database Development Productivity on Linux, Docker, and Kubernetes with Microsoft SQL Server 2017 REGISTER >

"The Open Source Security Testing Methodology Manual (OSSTMM) has become an international open standard, according to its creator, Pete Herzog. It is used by large organizations like the U.S. Treasury Department, Home Depot, Verisign, and IBM, although Herzog says that he has a hard time getting entities that use the manual to talk much about it.

"Herzog has been in professional security since 1997 when he got involved with IBM's Europe-based Emergency Response Service. Today he heads up the Institute for Security and Open Methodologies (ISECOM) in order to provide Open Source security tools and information via the Internet. Herzog also describes it as an open, non-profit think tank for developing new open standards and methodologies in security.

"'The main problem I have is that nobody has to tell me if they use the OSSTMM,' due to its Open Source nature, says Herzog. 'I have been asked by a person at the U.S. Navy SPAWAR division about it's inclusion in their Posture Assessment document. I also have also some comments from the U.S. Air Force and Army--the biggest downloaders of the manual based on web traffic...'"

Complete Story

Related Stories: