Home page logo

pen-test logo Penetration Testing mailing list archives

From: "Chris Griffin" <chris () logossecurity com>
Date: Fri, 12 Dec 2008 16:38:39 -0500

I suggest that you read the full OSSTMM 3.0 for "real" aka
"operational security".  Also worth checking out would be NIST
SP800-30, NSA IAM/IEM/RTM, DOD DIACAP, and Andrew Jaquith's
SecurityMetrics book/blog/mailing-list.  There have been interesting
threads on the scadasec mailing-list lately as well.

Im currious why you say the OSSTMM "only" covers 10 controls.

Also, alot of folks in the USA dont realize yet there are certifications
for the OSSTMM.


This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]