RE: Ethical Hacking Training

["Teicher, Mark (Mark)" <teicher () avaya com>]

Talisker,

I still have an issue with the term "Ethical hacking"  It was a term
born out of the Big Six when they were trying build their security
practices and leverage their existing client base.  I still feel the
term is somewhat of slant on those who practice "holistic security" and
actually attempt to help customers improve their network security
posture instead of pointing out the "glaring" hole that those who
practice "Ethical Hacking" like to do.  

I have worked in the past with those who preach and teach "Ethical
Hacking" Many of those people have published books exploiting that exact
theme.

Why not spend the time in researching how to correct security exploits
in enforcing secure coding standards and forcing vendors to clean up
their act and making their products work more efficiently and securely.

/mark

-----Original Message-----
From: Rob Shein [mailto:shoten () starpower net] 
Sent: Friday, January 16, 2004 1:58 PM
To: 'Andy Cuff [Talisker]'; pen-test () securityfocus com
Subject: RE: Ethical Hacking Training

One thing to watch out for is something Foundstone did at one point.
They took note of the companies from which everyone came, and eventually
ran a rather large advertisement which named every company that in any
way competed with them, which further insinuated that these companies
only knew what they knew from attending Foundstone training.  I know
this because the company I worked for at the time was named; one of our
people had attended a seminar out of curiosity (he was let go as a
result).

> -----Original Message-----
> From: Andy Cuff [Talisker] [mailto:lists () securitywizardry com]
> Sent: Thursday, January 15, 2004 3:16 PM
> To: pen-test () securityfocus com
> Subject: Ethical Hacking Training
>
>
> Hi all,
> I've just been adding a few more ethical hacking training providers to

> the site at http://www.securitywizardry.com/hacking.htm > the site now

> has details on 23 such courses and their numbers are increasing all 
> the time.
>
> I'm looking for articles or advice, not on ethical hacking but what a 
> potential student should look for in such a course and pitfalls to 
> avoid. Apart from "don't bother, buy a book" ;o)
>
> I've recently added some new offerings from 7Safe, Net-Security 
> Training who used to provide Verisign courses and Lever.
>
> The Sensepost site from South Africa seems to be down does anyone know

> what has become of them and whether this is a temporary glitch or if 
> yet another provider has gone down the pan?
>
> The best I've heard of yet, was the suggestion to hold the course 
> during a Caribbean cruise!! The courses are heavy enough without 
> hangovers and sea sickness to worry about, also imagine justifying it 
> to the boss!!  I didn't post that one on the site.
>
> Any details on other courses that I'm missing are always welcome, 
> especially outside the UK or USA which seem to be the most prolific at

> the moment.
>
> take care
> -andy
> Talisker Security Tools Directory http://www.securitywizardry.com
>
>
> --------------------------------------------------------------
> -------------
> --------------------------------------------------------------
> --------------


------------------------------------------------------------------------
---
------------------------------------------------------------------------
----




---------------------------------------------------------------------------
----------------------------------------------------------------------------