Penetration Testing mailing list archives

Re: OSCP

From: "Chris Griffin" <chris () logossecurity com>
Date: Fri, 12 Dec 2008 16:38:39 -0500

I suggest that you read the full OSSTMM 3.0 for "real" aka
"operational security".  Also worth checking out would be NIST
SP800-30, NSA IAM/IEM/RTM, DOD DIACAP, and Andrew Jaquith's
SecurityMetrics book/blog/mailing-list.  There have been interesting
threads on the scadasec mailing-list lately as well.



Im currious why you say the OSSTMM "only" covers 10 controls.

Also, alot of folks in the USA dont realize yet there are certifications
for the OSSTMM.



Chris

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------

Current thread:

RE: OSCP Al Rivas (Dec 03)
- Re: OSCP Terry Cutler (Dec 05)
- Re: OSCP Andre Gironda (Dec 05)
- Re: OSCP Nick (Dec 05)
- <Possible follow-ups>
- Re: OSCP christopher . riley (Dec 12)
  - Re: OSCP Andre Gironda (Dec 12)
    - Re: OSCP Chris Griffin (Dec 12)
    - Re: OSCP Andre Gironda (Dec 13)
    - Re: OSCP christopher . riley (Dec 15)
    - Re: OSCP Gichuki John (Dec 16)
    - RE: OSCP Eduardo Di Monte (Dec 18)
    - RE: OSCP christopher . riley (Dec 18)
    - Re: OSCP JB (Dec 18)
    - Re: OSCP s0h0us (Dec 19)
    - Re: OSCP Taras P. Ivashchenko (Dec 18)
    - Re: OSCP Pete Herzog (Dec 18)
    - Re: OSCP christopher . riley (Dec 18)

(Thread continues...)