OWASP NC October 2010 with Pete Herzog from ISECOM

  • Oct 13, 2010 · 6:30 PM
  • Coastal Federal Credit Union Headquarters

We are pleased to announce that Pete Herzog, Founder of ISECOM, will be joining us to discuss the new OSSTMM v3 and how it applies to web application security. Pete rarely gets to the US, so this is a unique opportunity to have an open discussion with him about trust-based security models and how to apply sound logic to securing (and testing) web applications. Seating is limited to about 60 people, so RSVP now, invite your colleagues, and we look forward to seeing you then. About ISECOM: The Institute for Security and Open Methodologies (ISECOM) is an open, non-profit collaborative community since January 2001. They are dedicated to providing practical security awareness, research, certification and business integrity. ISECOM provides certification, training support, and project support services for non-partisan and vendor-neutral funding of our projects and infrastructure and to assure you our training programs, standards, and best practices are truly neutral of national or commercial influence.

About OSSTMM: The Open Source Security Testing Methodology Manual (OSSTMM) is a peer-reviewed methodology for performing security tests and metrics. The OSSTMM test cases are divided into five channels (sections) which collectively test: information and data controls, personnel security awareness levels, fraud and social engineering control levels, computer and telecommunications networks, wireless devices, mobile devices, physical security access controls, security processes, and physical locations such as buildings, perimeters, and military bases.

Join or login to comment.

  • Hans E.

    The subject's concept made my head swim as it was a large change to traditional risk-based methodology. It offers a valuable quantitative measurement, which has a lot of appeal. I will need to read up and practice this some to understand it better, although Pete gave an excellent review.

    October 14, 2010

  • Jay W.

    Fantastic presentation.

    October 14, 2010

  • Darren F.

    Great Presentation -- Thanks much to Pete for coming to talk to us, and Mike for facilitating!

    October 14, 2010

  • valdez l.

    Excellent, thought proving and eye opening from the perspective of
    viewing security-in-width vs security-in-depth

    October 14, 2010

  • A former member
    A former member

    Great info! I was very thankful to Pete Herzog for coming all this way to deliver an exclusive peek into ISECOM and OSSTMM v3. As I thumbed through the demo copy of the book I was thinking "This would be an excellent resource to use as comparison to most of the security frameworks I work with currently." At the end of the meeting, I was lucky enough to win a copy of the coveted book and to meet the author, Pete. Fantastic! Thanks to Mike M for setting this up and to all those who attended. I hope to catch more OWASP NC meetings in the future!

    October 14, 2010

  • lance m.

    Pete was fantastic. Very thought provoking.

    October 14, 2010

  • A former member
    A former member

    Excellent subject and presenters...

    October 14, 2010

  • Roger A.

    This was very thought provoking and something I will pursue for future use. I deal with FISMA all the time on federal contracts. This methodology seem to make much more sense since it gives you a quantitative way to look at the security of a system. My brain is still processing all that Pete covered in such a short time.

    October 13, 2010

  • Michael M.

    David from Denver: As this will be largely an open discussion with Pete about the OSSTMM and its applicability to web applications specifically, there will be minimal presentation materials. We will, however, be making certain portions of the meeting's video publicly available after the fact. I will discuss with Pete if we can make any meeting notes or other information available after the fact


    September 30, 2010

  • David J.

    I am located in Denver, is there a way you could provide remote access as well?

    September 30, 2010

  • Michael M.

    For anyone interested, I posted an "Introduction to OSSTMM Version 3" article on Infosec Island

    September 14, 2010

  • Michael M.

    All, we are looking for sponsoring organizations to help us facilitate this Meetup with Pete. We are very fortunate to have secured his schedule and this is an excellent opportunity to align your company with this event. Sponsors will be given time for presentation and discussion about their organization, products and services. Contact me at [masked] if you are interested. Thanks!
    Mike Menefee

    August 31, 2010

30 went

People in this
Meetup are also in:

Create your own Meetup Group

Get started Learn more

Meetup has allowed me to meet people I wouldn't have met naturally - they're totally different than me.

Allison, started Women's Adventure Travel

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy