[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Mastering Trust in Security Assessments


ISECOM has been working on improving and replacing risk analysis, assessments and management with trust. Our research has shown dramatic improvements from using a trust model based on fact over risk models. OSSTMM 3 (www.osstmm.org) outlines much of this already and I am beginning to address this at various conferences.

Mastering trust has many benefits for security testing including improved social engineering, improved attack trees, and improved competitive intelligence gathering. Additionally, mastering the ability to see through phishing, scams, PR smoke screens, lies, and other deceptive practices also has the inverse of teaching how to improve stealth, cons, and fraud for your security tests.

A basic version of our Mastering Trust seminar presentation is available here:




Pete Herzog - Managing Director - pete@xxxxxxxxxx
ISECOM - Institute for Security and Open Methodologies
www.isecom.org - www.osstmm.org
www.hackerhighschool.org - www.badpeopleproject.org