Penetration Testing mailing list archives
Re: OSCP
From: "Chris Griffin" <chris () logossecurity com>
Date: Fri, 12 Dec 2008 16:38:39 -0500
I suggest that you read the full OSSTMM 3.0 for "real" aka "operational security". Also worth checking out would be NIST SP800-30, NSA IAM/IEM/RTM, DOD DIACAP, and Andrew Jaquith's SecurityMetrics book/blog/mailing-list. There have been interesting threads on the scadasec mailing-list lately as well.
Im currious why you say the OSSTMM "only" covers 10 controls. Also, alot of folks in the USA dont realize yet there are certifications for the OSSTMM. Chris ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------