OSSTMM
The Open Source Security Testing Methodology Manual (OSSTMM) is a peer-reviewed methodology for performing security tests and metrics.
Information
Founded:
January 2001
Fans

6 of 301 fansSee All

Darell
Darell
Fe
Fe
Ronald
Ronald
Matt
Matt
Simha
Simha
Andrew
Andrew
Photos

1 albumSee All

Wall PhotosCreated about a month ago
No one has added fan photos.
Create a Page for My BusinessReport Page
 
OSSTMM

OSSTMM just to try it, we used the RAVs from OSSTMM 3 to find the Attack Surface of a Person to measure their exposure to the H1N1 virus. Interesting results. A Healthy adult is more protected than Healthy adult + Vaccine.

The Typical Person's Attack Exposure to the H1N1 Virus
Actual Security to H1N1 Virus based on the RAVs from ISECOM The RAV shows how much you are protected to a particular threat. The higher the number, the more you are protected...
By:Pete
Manuel Moreno Leiva

Manuel Moreno Leiva Can be great if any official training center be in Chile or Latam... we can´t found no one here in Latam! :(

October 27 at 3:05pm · Report
View all 4 comments
OSSTMM
OSSTMM
Interested parties should visit the ISECOM website and contact the ISECOM office directly through there.
November 4 at 10:19pm
OSSTMM
OSSTMM
Interested parties should visit the ISECOM website and contact the ISECOM office directly through there.
November 4 at 10:54pm
OSSTMM

OSSTMM We recently finished the re-design of the new RAV calculation sheet to measure the attack surface of anything. Those not familiar, the RAVs are the core of the OSSTMM providing mathematical sensibility and logic to the currently chaotic practice of security testing.

October 15 at 2:14am
Alvin Singh Khadaroo

Alvin Singh Khadaroo How to get started in Mauritius

October 9 at 7:56pm · Report
OSSTMM
OSSTMM
In many places where ISECOM doesn't reach yet, it's important for you to take lead. You can get people together, maybe make a seminar, and ISECOM can support you with presentations, information, and assistance. It's important that we get more people able to make sense of security.
October 12 at 1:29am
Umar Khan
Umar Khan
Karachi, Pakistan could do with some exposure to OSSTMM. I want to conduct 1-day free seminar; I would need OSSTMM presentation and other relevant information.
October 17 at 8:21pm
Michael Mondragon

Michael Mondragon How do I become a contributor to OSSTMM/ISECOM?

October 6 at 5:43pm · Report
OSSTMM
OSSTMM
To be a contributor, the best thing to do is to contact ISECOm off the website with the projects they have that interest you or a suggestion for a new project you want to collaborate with. We can always use more people!
October 12 at 1:25am
OSSTMM

OSSTMM Started mapping out OSSTMM 4 as we close OSSTMM 3. So far, planned for 4 is tighter integration with Trust Metrics in the tests for improved segregation of resources leading to less maintenance needs and costs. Also looking to integrate the Möbius Defense in as well. Many smaller improvements will also follow. Anything else? Now taking suggestions.

September 23 at 4:14am
Reebal Ghrawi

Reebal Ghrawi I'm looking for ISECOM classes in the KSA - Jeddah ??

August 27 at 8:25am · Report
OSSTMM
OSSTMM
You should check out the ISECOM website for classes in the region. I think the closest class is in Bahrain.
September 23 at 4:11am
OSSTMM

OSSTMM Anyone interested in getting involved in the Bad People Project? http://www.facebook.com/note.php?note_id=53668204885&1&index=1

The Bad People Project
What do bad people look like to children? This is my submission to how kids envision "bad people". Instructions: This is to be a part of the gallery of "bad people" drawings from children to promote child safety and security projects at ISECOM (www.isecom.org)...
By:Pete
OSSTMM

OSSTMM Just a reminder to people looking for ISECOM classes in the USA: there will be one next month in Indianapolis. It is the OSSTMM Security Analyst class from Sept. 21 - 25 and includes the Certification Exam. For more details contact Chris Griffin at 317-903-6516 or by e-mail to info@isecom.org.

Chandrasekar Umapathy

Chandrasekar Umapathy I am from India What is the best way to acheive OPST certification.

August 24 at 3:13pm · Report
OSSTMM
OSSTMM
We are working on a remote training program which combines self-study with mentoring. Contact ISECOM directly at www.isecom.org.
August 26 at 3:13am
Iip Permana

Iip Permana May I ask some question ?
There is possible to use OSSTMM 3.0 to test security of mobile banking using Transport Layer Security(TLS) in Wireless Application Protocol(WAP 2.0) ?
The target is confidentiality, message integrity, mutual authentication, non-repudiation, and prevent replay attack.
Would it be complicated for me to do ?
I use this for my final work at my collage to get bachelor degree.

August 18 at 5:59am · Report
OSSTMM
OSSTMM
With OSSTMM 3.0, this work can be done with more simplicity and clarity than with OSSTMM 2.2. Chapters 1 and 2 of OSSTMM 3 describe how to set up to do this and the methodology itself with give you the tests you need to do.
August 26 at 3:15am
OSSTMM

OSSTMM Pete's "surprise" interview after his presentation at Black Hat Amsterdam has been posted: http://www.madison-gurkha.com/en/gurkhast.php I think it's not too bad considering I was just off a plane, hungry, and tired from a very animated presentation. And I ramble on about physical security for homeowners and such too so it's probably relevant for anyone.

Madison Gurkha - "Gurkhast" podcast
Source: www.madison-gurkha.com
Madison Gurkha: Madison Gurkha supports organizations with high quality services to efficiently identify, decrease and prevent IT security risks
OSSTMM

OSSTMM Pete applied OSSTMM 3 research to show why Defense in Depth doesn't work for network security. It also shows the new attack visualization technique he developed as well as the REAL origin of Defense in Depth. You can get the presentation here: http://www.isecom.org/events/The_Mobius_Defense.pdf

www.isecom.org
Source: www.isecom.org
June 18 at 3:31am
Bruce Benton
Bruce Benton
I think the link has a problem- it just comes to this very same page... + can't open it from the isecom.org page, please correct me if I'm wrong...
June 18 at 6:42am
OSSTMM
OSSTMM
Unfortunately, the link has problems because of Facebook on some browsers. If you copy and paste it, it will work.
June 25 at 1:42am
OSSTMM

OSSTMM The last chapter of the OSSTMM 3 just finished! Celebration time! It's going out now to reviewers!

May 13 at 1:00pm
View all 5 comments
Iip Permana
Iip Permana
gratefully
June 16 at 10:23am
OSSTMM

OSSTMM Chapter 4, Security Metrics, 10 pages, has been now written and edited for OSSTMM 3. Just 1 chapter left, basic graphics, and formatting of the Appendices left!

May 6 at 12:07pm