No More Of The Same Bad Security: Why The Osstmm 3 Is Threatening Modern Security Practices presented at hashdays 2010

by Pete Herzog (ISECOM),

Tags: Compliance


Summary : Modern security has become just a dance-off between jargon and products. Enterprises are doing what their being told by compliance requirements, books, and blogs and it's not working or it's not scaling. The problem is we are being taught to build defenses like consumers and it fails us again and again. Then most of us learn to late however that it's failed because the verification methods and security metrics provided are biased or indirect and therefore point out unmanageable and imaginary cause/effect relationships. That's why ISECOM took a different direction with the OSSTMM 3. This short seminar will explain how and why the OSSTMM 3 is nothing like security that you know. There's no Risk analysis, no threat analysis, no patching, and no security awareness yet it works efficiently and economically. The operational security metrics and trust metrics you will see in action are realistic and allow for immediate and accurate defensive changes in your tactics and overall strategy. The OSSTMM 3 will challenge what you think you know about security. Be prepared to be amazed.

Pete Herzog: Pete Herzog is the Managing Director of the security research organization ISECOM and the creator of the OSSTMM.