![[LWN Logo]](/images/lcorner.png)
![[LWN.net]](/images/Included.png)
|
|
|
|
From: "pete" <pete@ideahamster.org> To: <secpapers@securityfocus.com> Subject: Security Testing Methodology 2.0 Date: Fri, 1 Mar 2002 10:41:35 +0100 Hi, I want to announce that the Open Source Security Testing Methodology Manual 2.0 has been posted for peer-review at http://www.osstmm.org/download.htm. Covered in the 2.0 manual are the following areas: --Internet Security --Information Security --Physical Security --Communications Security --Wireless Security --Social Engineering This manual is a detailed methodology for standardizing the process of security testing so as to ensure a complete and thorough job. This is a nearly complete re-write of 1.5 from the ground up to assure clarity and practicality. Included are the Risk Assessment Values which provide values and a method for calculating and maintaining specific levels of risk from security breaches and other forms of organizational penetration methods besides Information and IT insecurities. This verson also includes many template samples including the information that must appear in a report to bear the Certified OSSTMM Compliance seal. I do hope everyone involved in the security field from IT professionals to auditors and soldiers to watchdog groups gets involved in the peer-review process to develop this standard. Sincerely, -pete. www.ideahamster.org