"How To" OSSTMM 2.5 - Penetration Testing Methodology

["Pete Herzog" <lists () isecom org>]

Hi,

I want to notify all you testers out there that ISECOM (aka Ideahamster) has
put together a hands-on certification and training the open, peer-reviewed
way.  We are having two classes in Barcelona and we are looking for partners
around the world to teach the classes.  We will only be managing the tests
and the Internet hack network they will test against.  The point is to bring
the HOW and WHY of the OSSTMM (Open Source Security Testing Methodology
Manual) to everyone in a cheap, easy way.

I know you think Another Certification?!  This is only because it will allow
a tester to prove he knows the OSSTMM, knows the tools, knows where to
find/compile/research new hacks and exploits, can estimate, plan, and
complete a professional security test, and knows the legal and ethical
background to sec testing.  It's a pretty complete deal.  See below for the
details:

----------------

OPST Training - OSSTMM Professional Security Tester Certification
La Salle University, Barcelona, Spain

ISECOM went far beyond the "brain candy" hacking classes with just old tools
and exploits  out there to include the professional skills like security
project planning, security consultancy, and attack network design together
with the Open Source Security Testing Methodology (OSSTMM) standard to
certify a person as a capable and resourceful security professional and
ethical hacker.  Hacking is a creative art but businesses and governments
also require trusted professionals who can complete methodical Internet and
Information Security tests as in the OSSTMM.  The OSSTMM is the only
international, practical, low-level standard for security testing and is
used by countless businesses, governments, financial institutions, and
telecommunications companies for thorough penetration testing and ethical
hacking.

More information on the OSSTMM at http://www.osstmm.org/.

Classes include 70% hands-on lab learning with an experienced instructor.
The focus is on HOW and WHY of the Internet and Information Security
sections of OSSTMM 2.5 although all 6 sections are explained.  The exam will
be a lab exercise which requires testing against an Internet network.  The
exam is 4 hours and covers OSSTMM 2.5 and the BSTA Workbook (both will be
released in February).  The course and the exam have been approved by
LaSalle URL of Barcelona.  The certification exam will also be available
separately.

More information on the OPST at http://www.isecom.org/projects/opst.htm.

Travel costs are not included.  We have hotel recommendations of nearby
hotels on the website.  This and the schedule is available from
http://www.isecom.org/schedule.htm so please see this page for hotel and
further registration information.


February
        Thu.13th - Sat.15th
        Thu.20th - Sat.22nd
        9:00 to 18:00

        Duration: 6 days (44 hours + 4 hours for the exam)
        Trainer: Pete Herzog (creator of the OSSTMM)
        Information: training () isecom org

March
        Mo.17th -Fr.21st
        9:00 AM to 1:00 PM and
        2:00 PM to 6:00 PM

        Duration: 5 days (36 hours + 4 hours for the exam)
        Trainer: Pete Herzog (creator of the OSSTMM)
        Information: training () isecom org

Sincerely,
Pete Herzog
Managing Diector
www.isecom.org
www.osstmm.org



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/