Mastering Trust in Security Assessments

[Pete Herzog <lists () isecom org>]

Hi,

ISECOM has been working on improving and replacing risk analysis, 
assessments and management with trust. Our research has shown dramatic 
improvements from using a trust model based on fact over risk models. 
OSSTMM 3 (www.osstm.org) outlines much of this already and I am 
beginning to address this at various conferences.

Mastering trust has many benefits for security testing including 
improved social engineering, improved attack trees, and improved 
competitive intelligence gathering. Additionally, mastering the 
ability to see through phishing, scams, PR smoke screens, lies, and 
other deceptive practices also has the inverse of teaching how to 
improve stealth, cons, and fraud for your security tests.

A basic version of our Mastering Trust seminar presentation is 
available here:

http://www.isecom.org/events/Mastering_Trust_3.pdf

Enjoy!

-pete.

--
Pete Herzog - Managing Director - pete () isecom org
ISECOM - Institute for Security and Open Methodologies
www.isecom.org - www.osstmm.org
www.hackerhighschool.org - www.badpeopleproject.org

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------