Penetration Testing mailing list archives
RE: Ethical Hacking Training
From: "Pete Herzog" <pete () isecom org>
Date: Mon, 19 Jan 2004 00:35:26 +0100
Hi, As a person who has begun to provide training on security testing and analysis, this is tough spot for me as well. The truth is the public buys hacking classes. That's all there is to it. And the more flashy and exploity and thrilling the better because that's what the people buy. But as people want more and more in their 5 days and they want to see hacking exploits, you can expect the money will continue to flow to the hucksters who solicit their wares the best. Funny thing though is that this is happening with almost every facet of security. Training is no different. I really have no plans to take our trainings down that road. But it's a fight every time with people who think ISECOM should be mainstream. Sincerely, -pete. Pete Herzog, Managing Director Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.isestorm.org
-----Original Message----- From: Don Parker [mailto:dparker () rigelksecurity com] Sent: Saturday, January 17, 2004 00:57 AM To: Andy Cuff [Talisker]; Rob Shein; pen-test () securityfocus com Subject: Re: Ethical Hacking Training Evening gentlemen/ladies, this is one sore spot for me. These "Ethical Hacking" courses and others along this vein. These vendors need to be far more clear, as to exactly what a student will come away with, and what they should have knowledge wise prior to attending. I recently sent some feedback to Information Security Magazine in regards to their Technical Editor's take on one such course, (and the technical errors in his column). The problem is that the security industry as a whole is becoming one big money machine. These courses are giving people unrealistic expectations of what they will know after one of these 1 week courses. Nothing wrong with trying to make a dollar, but one should be honest as well in the process. It is doing a great disservice to the industry as a whole to make people think that they will be a "hacker" after a 1 week course. It should be clearly stated that these courses are but an introduction into the world of the true hacker. It will be up to the student to make of it what they will, and then build upon it. Showing people what "Ethical Hacking" is all about is a laudable goal. The thing is we must not forget our own ethics along the way to doing so in pursuit of the almight dollar.
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: Ethical Hacking Training, (continued)
- RE: Ethical Hacking Training rob (Jan 18)
- Re: Ethical Hacking Training Jeremiah Cornelius (Jan 18)
- SUMMARY: Re: Ethical Hacking Training Andy Cuff [Talisker] (Jan 19)
- RE: Ethical Hacking Training charl van der walt (Jan 16)
- RE: Ethical Hacking Training Teicher, Mark (Mark) (Jan 18)
- Re: Ethical Hacking Training Jimi Thompson (Jan 19)
- Re: Ethical Hacking Training Steve Kemp (Jan 19)
- Re: Ethical Hacking Training Tim Gurney (Jan 20)
- RE: Ethical Hacking Training Rob Shein (Jan 20)
- Re: Ethical Hacking Training Jimi Thompson (Jan 19)
- RE: Ethical Hacking Training Pete Herzog (Jan 19)
- Re: Ethical Hacking Training Mike Hoskins (Jan 20)
- Re: Ethical Hacking Training Meritt James (Jan 19)
- Re: Ethical Hacking Training Stormwalker (Jan 20)
- RE: Ethical Hacking Training Kurt (Jan 20)
- Re: Ethical Hacking Training Kevin Johnson (Jan 20)
- RE: Ethical Hacking Training S. Thomas (Jan 20)