ISECOM NEWS	ISECOM IN THE MEDIA	ISECOM SCRAPBOOK
September 18 - 21 2006, HITBSecConf2006, Kuala Lumpur, Malaysia. Raoul Chiesa, Director of Communications of ISECOM and Founder and CTO of @Mediaservice.net Srl speaks at the 'Hack In The Box' Security Conference in Malaysia. For detailed information please visit June 15 - 16 2006, Barcelona - CISO Executive Summit and Roundtable Pete Herzog, Managing Director of ISECOM, will be joining the panel Legal & Compliance Challenges for Today's CISO - Obstacles & Overlaps  at the CISO Summit in Barcelona. May 16th to 19th 2006 - Orbit-iEX ‘06, in Zurich at the Solution Park of IX Europe. Dreamlab / ISECOM will be present at the IX Europe stand at the Orbit-iEX ‘06, in Zurich for more information visit: http://www.orbit-iex.ch/ November 7th to 11th 2005, Athens @ Mediaservice.net was at the Hellenic Data Protection Authority (Athens), teaching the class "Basic Introduction to the OSSTMM and Proactive Security". June 30th 2005, Rome, ISACA Chapter Speaker: Raoul Chiesa, ISECOM's Director of Communications Title: The End of Ethical Hacking June 26 - 30 2005 in Washington, DC - DIAAnnual Meeting, the largest Pharmaceutical conference in the US. ISECOM was represented by Kim Truett and Robert E. Lee. June 21st 2005, Buenos Aires, Argentina Hernán Marcelo Racciatti and Diego San Esteban represented ISECOM at the "Infosecurity 2005" event in Buenos Aires. The topic was the OSSTMM and the RAVs. June 16th - 17th, The 2nd Annual CISO Executive Summit 2005, Geneva - Switzerland Nick Mayencourt and Martin Rutishauser of ISECOM Switzerland talked about the myth of patching as well as the practicality (or necessity) of VOIP security. June 3rd 2005, Hotel Sheraton, Buenos Aires, Argentina - Security & Ethical Hacking - Conference & Exhibition Hernan Marcelo Racciatti and Diego San Esteban presented the OSSTMM and ISECOM's certifications. June 2nd, 2005, 6-9 PM, ESNE - Madrid  "ISM3: easier Information Security Management" by Vicente Aceituno May 27th 2005 - Security Management 2005, Buenos Aires, Argentina Diego San Esteban represented ISECOM. May 26th 2005, Milan, Crown Plaza Hotel, LINUX WORLD EXPO (Workshop) Speaker: Fabrizio Sensibile, ISECOM Authorized Trainer Title: An Introduction to the OSSTMM May 25th - 26th, IS2 2005 (Information Security Summit), Prague - Czech Republic Pete Herzog presented the following topics: "The End of Ethical Hacking" How one company had their ethical hacking team apply the OSSTMM to gain product insight instead of just finding vulnerabilities. -Case Study on Security Procurement: gedas Iberia SSL-VPN test lab -The Open Source Security Testing Methodology (OSSTMM) 3.0 -How Risk Assessment Values (RAVs) 3.0 Work -OSSTMM Harmonization with Made-to-Order Methodologies May 25th  2005, Milan, Crown Plaza Hotel, LINUX WORLD EXPO (Keynote Speech) Speaker: Raoul Chiesa, ISECOM's Director of Communications Title: The Hacker High School Project March 9-10th, 2005 bSecure Conference, Mexico City, Mexico, Isecom Associate, Luis Javier Pérez presented the topic "Bluetooth and mobile phones" in the wireless security panel. The talk was centered on bluetooth usage growing and the risks associated with it as well as risks posed by mobile phone use. The event, sponsored by Mexican security magazine bSecure,focused on the strategies needed to ensure a secure environment, highlighting hacking, spyware, spam, phishing, wireless, forensics, computer crime and best practices for information security. www.bsecure.com.mx/conference [Download Presentation] November 2004, SIMO - Madrid Daniel Fernández (founder of Internet Security Auditors, and ISECOM Training Partner) represented ISECOM at a certifications round table at SIMO, the most important computer and telecommunications congress in Spain. Other participants were José Manuel Ballester (President of ISACA), Rafael Ausejo (Product Manager of Sentryware), Javier Pagès (President of ISSA) and Pablo Martín, (Microsoft Ibérica, S.R.L.). Benefits about the most recognized independent security certifications were presented and commented, like those with the biggest grade of compatibility, complementation and recognition. The speakers made the participants aware of the need to get those certifications as a quality proof in front of clients who contract security personell of any level, as well as an excellent way to differenciate professionals in the security area. October 16-23 2004, LAS VEGAS, NV - USA - isestorm 2004 September 28-30 2004, Berlin, Germany - informaton security solutions europe http://www.eema.org/static/isse/ Renowned for its rich content from an independent perspective, ISSE (Information Security Solutions Europe) is the leading European security conference designed to educate and inform leading ICT security professionals, policy makers, and industry leaders, on the latest developments in technology, solutions, trends and best practice on a wide range of security topics. Nick Mayencourt of Dreamlab Inc and ISECOM Partner presented the topic "OSSTMM Risk Assessment Values: a practical approach towards Measuring Security". September 26, 2004, Toorcon, USA Robert E. Lee, Dyad Security, Deep Network Analysis: OSSTMM Based Security Testing, An introduction to Unicornscan. This talk focused on the fundamentals of using the Open Source Security Testing Methodology Manual (OSSTMM - www.osstmm.org) while performing security testing engagements as well as our vision for the future of the security testing industry. It also introduced a new Open Source (GPL) tool, Unicornscan. Unicornscan was built to be a very Scalable, Accurate, and Flexible information gathering engine. During the presentation some of Unicornscan's more exciting features were showed off.  Unicornscan  was released for the first time to the public shortly after the talk. September 24th, Linux World Expo Italy. Raoul Chiesa, Director of Communications for ISECOM, talked about the OSSTMM and professional security certifications at Linux World Expo Italy. The topic was "Open Source methodologies for proactive IT security"     In the afternoon Mirato SpA and Noicom SpA provided their experiences about using the OSSTMM. August 18th 2004, Chicago, USA - FFIEC Federal Financial Institutions Examination Council's conference. ISECOM's Director of Projects and Resources, Robert E. Lee, gave a 90 minute talk on the topic of Vulnerability Testing using the Open Source Security Testing Methodology Manual. The Council is a formal interagency body empowered to prescribe uniform principles, standards, and report forms for the federal examination of financial institutions by the Board of Governors of the Federal Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), the Office of the Comptroller of the Currency (OCC), and the Office of Thrift Supervision (OTS) and to make recommendations to promote uniformity in the supervision of financial institutions. August 3, 2004 - TIC August released for Gold members and TIC March pubicly released. June 16-17 2004, Noga Hilton Hotel, Geneva - CISO Executive Summit Nicolas Mayencourt and Sylvie Reinhardt (DreamLab Inc.)  represented ISECOM at the MIS Training’s annual CISO Executive Summit will be an intensive learning and networking experience that will address the unique challenges faced by today’s CISO. The agenda weaves together real business cases and round table debates. The event is designed for IT Directors, Chief Security Officers, Heads of IT Security and senior executives, strategists and their advisors, who want to improve the security of their organisation’s systems for the benefit of their employees and customers. Learn more at: here or download the brochure. June 1-2 2004, Paris, France - Intelligence informationnelle 2004 Colloque - Pete Herzog at the Information Intelligence Conference in Paris. Learn more at: http://www.ir2i.com/colloque/04.05/index.php May 31st 2004, Santiago de Compostela, Spain - Pete Herzog  at e-Gallaecia May 2004 - TIC January 2004 publicly released April 5th 2004 - TIC December 2003 December Issue of the Invisible Catalog (TIC) publicly released. April 1st 2004 - New Training Partner in The Netherlands. NT Service BV will provide OPST and OPSA. April 1st 2004 - New Training Partner in Spain Internet Security Auditors, S.L. will provide OPST and OPSA training in Spain. March 22 - April 3 - isestorm Barcelona www.isestorm.org March 24-25-26 2004, Buenos Aires, Argentina - Hernan Marcelo Racciatti and Diego San Esteban represented ISECOM at the Latin-American Security Event 'Mas Alla del Password'. Organized by The CCAT (High-Tech Education Center, Centro de Capacitacion en Alta Tecnologia) and Convergencia Latina,  Latin-America's most expected Information Security conference. Many of the most distinguished Enterprises, Organizations and security specialists were Speakers at the conference. Subjects ranged from Security Management from the enterprise point-of-view to deeply technical speeches about different methods of explotation of vulnerabilities. March 4th 2004 - TIC November 2003 November Issue of the Invisible Catalog (TIC) publicly released. 23-27 February - ISECOM at the RSA Conference in San Francisco. Friday February 27th - Seminar: "Penetration Testing and the OSSTMM" The Charles W. Fullerton Institute of Analysis held a seminar titled "Penetration Testing and the OSSTMM". 17 February, 2004, "Security Testing and Analysis" lecture Richard Feist of Nyx Technologies (www.nyxtec.net) completed a 3hr lecture titled "Security Testing and Analysis" to the approx. 30 students of the MSc Info Sec course at Royal Holloway , University of London. The lecture was a cut down form of the OPSA course and gave a good introduction to the class on the OSSTMM and various aspects involved in setting up and delivering OSSTMM based security tests. February 4th 2004 - TIC October 2003 October Issue of the Invisible Catalog (TIC) publicly released. January 19th - ISECOM´s IRC Global Meeting December 15th 2003 - OSSMM 2.9. Communications Security Released for subscribers. November 24th 2003 - OSSTMM 2.1 Spanish released. The first complete translation of the OSSTMM 2.1 is available for download. November 17th-20th 2003- ISECOM at COMDEX Las Vegas. October 29th 2003 - OSSTMM 2.9 Wireless released October 1st 2003 - First Issue of the Invisible Catalog. This catalog is delivered privately to GOLD TEAM subscribers of ISECOM and then released to the public after 3 months. [more] September 2003 - New Partner in Switzerland Dreamlab will provide OPST and OPSA training in Switzerland. August 25th 2003 - OSSTMM 2.1. Released!! OSSTMM 2.1 Press Release Barcelona, Spain – 25th August 2003 – The Institute for Security and Open Methodologies (ISECOM) unveils the much anticipated 2.1 release of the Open Source Security Testing Methodology Manual (OSSTMM). [more] August 2003 - OPRP Database The Open Protocol Resource is now a searchable database.  Dru Lavigne has done some great work on this already and we could use a lot more support.  The database supports updates and suggestions so you too can contribute. Access the OPRP Database	February 28, 2007 - FOSDEM videos available - posted by Pete Herzog I just saw that the FOSDEM videos have been posted (fosdem.org). FOSDEM was a really great event with a lot of energy! It was a real pleasure to speak there. My talk went pretty smoothly and highlights the OSSTMM 3 and the metrics pretty well. You can see it too by downloading it HERE It's an Ogg/Theora encoded video so you may need VLC to play it (see http://videolan.org/ to get it) or if you know your video stuff you can go directly to the codec page at http://www.theora.org/. February 2007 - FOSDEM, interview with Pete Herzog - posted by Admin Pete Herzog is an exception among the speakers at FOSDEM 2007. His main focus it not a software project, but a "methodology" -- and one that aims to improve and measure IT security. What do you want to tell the FOSDEM audience in your talk? I want to show people that network security testing and analysis is complicated and they shouldn't rely on just their security scanners to tell them the answers. Security verification and analysis is something they should learn to do themselves or else they will miss many of the problems which the tools fail to show.  [ READ MORE ]  February 2007 Article for hakin9 in German by Christoph Baumgartner, Pete Herzog and Martin Rutishauser "Technische Security Audits nach OSSTMM". (GERMAN) December 2006, Argentina Hacking In Schools, Article published by Infobae.com about Kwell implementing the Hacker Highschool Project in Argentina. [more] November 18th, 2005 Article for Computerworld in German by Christoph Baumgartner "Security Tests bringen Licht ins Dunkel". (GERMAN) November 7th to 11th 2005, Athens The OSSTMM meets the Hellenic Data Protection Authority (HDPA) @ Mediaservice.net in collaboration with Datelec Hellas completed with success the educational training, titled “OSSTMM Basic Introduction, Theory and Practice”, on behalf of the Department of Auditors of the Hellenic Data Protection Authority. This constitutes the first part of a broader educational training, titled “Security Testing Path based on OSSTMM by ISECOM”.[more] February 2005 Specchio - February 2005, "A Scuola di Hacker" - Article about Hacker Highschool by Anna Masera [more] (ITALIAN) August 30, 2004 - How secure are you? By Mathew Schwartz A tool released today will help organizations move beyond general best-security practices to discern exactly how many systems are actually protected. [more] August 12th, 2005 Article for Computerworld in German by Christoph Baumgartner about the OSSTMM "Sicherheitstests mit Tiefgang". (GERMAN) August 5th, 2005 Article for Computerworld in German by Christoph Baumgartner about Social Engineering "social Engineering - trau schau wem". (GERMAN) August 12, 2004 - Non-Profit Provides Hacker Re-Training. As part of their mission to promote security and privacy awareness, the non-profit ISECOM (www.isecom.org) is bringing its week-long forum and cross-training event, ISESTORM (www.isestorm.org), to the University of Nevada, Las Vegas from October 16th to the 23rd with support from UNLV's Rebelcard Services. [more] August 13, 2004 - Hacker Highschool Teachers Wanted. Las Vegas, NV - August 13, 2004 - "The principles of hacking should be taught in schools," said Pete Herzog. "It is the principles teens need to learn to avoid from being victims on the Internet." [more] November 2003 Red Seguridad n° 7 - La búsqueda de un código deontológico (4.7MB) - November 2003 by Daniel Fernández Bleda and Pete Herzog. (SPANISH) [more] November 2003 Versión en castellano de la metodología OSSTMM v2.1 y metodología para el análisis de redes inalámbricas - November 24th 2003, by Xavi Caballe (SPANISH) May 2003 WEEK IT - «Formare professionisti, non hacker» - May 29th 2003 - Article about the OPST (ITALIAN) by Guido Sintoni. [more] April 2003 Ciberpais - Abre en Barcelona una experiencia de 'Hackers' para adolescentes - April 22nd 2003  - Article about Hacker High School by Mercè Molist. (SPANISH) [more] May 2002 Pete Herzog´s Interview on COMRàdio - May 30th 2002 (CATALAN & ENGLISH) La Malla Ràdio - Seguretat informàtica Parlaem de seguretat informàtica amb Pete Herzog, un dels “ethical hackers” més reconeguts a nivell internacional i coordinador de Ideahamster, en el site del qual podem trobar l’ OSTMM, l’ únic estàndard públic per analitzar els riscos de seguretat a la xarxa. També entrevistem Jaume Abella, responsable de l’ àrea de telemàtica i director del màster en seguretat La Salle.	November 7th to 11th 2005, Athens The OSSTMM meets the Hellenic Data Protection Authority (HDPA) CLICK TO ENLARGE From the left: Ivan Verri (@ Mediaservice.net, Italy), The Auditor's Team at Hellenic Data Protection Authority, Stavroula Ventouri (@ Mediaservice.net, Greece), Raoul Chiesa, ISECOM Director of Communications August 2005, Italy Master TILS OPST Class CLICK TO ENLARGE June 21st 2005, Buenos Aires, Argentina, Infosecurity 2005 CLICK TO ENLARGE Hernan Marcelo Racciatti (left) and Diego San Esteban (right) May 27th 2005 - Security Management 2005, Buenos Aires, Argentina CLICK TO ENLARGE Diego San Esteban CLICK TO ENLARGE Hernan Marcelo Racciatti (left) and Diego San Esteban (right) CLICK TO ENLARGE Kevin Mitnick (left) and Diego San Esteban (right) April 2005, OPSA Students after attending a class in Rome held by @ Mediaservice.net S.r.l.: Fabio Giudici, Manuel Cavalieri, Massimiliano Graziani, Matteo Paolelli, Marco Demma, Fabrizio Sensibile (OPST & OPSA Trainer) CLICK TO ENLARGE May 31st 2004, Santiago de Compostela,Spain  Denis Pilipchuck, Phil Zimmermann and  Pete Herzog visiting Santiago prior to e-Gallaecia. March 22 - April 3 2004 - isestorm Barcelona March 24-25-26 - Argentina, Security Conference 'Más Alla del Password' February 26 - OPST Students after attending a class in Torino held by @ Mediaservice.net S.r.l. Luca Legato - Gabriele Biondo - Davide Carnevali - Lorenzo Migliardi - Fabrizio Sensibile CLICK TO ENLARGE February 23-27 2004 - ISECOM at the RSA Conference in San Francisco. Friday February 27th - Seminar: "Penetration Testing and the OSSTMM" - Charles W. Fullerton Institute of Analysis February 2004 - OPST Students after attending a class held by Sensecurity Institute in Singapore. (Left to Right): Mr Christopher Low (Chief Instructor, Sensecurity), Mr Gordon Tan (Customer Support Engineer, Seven Seas), Mr Alex Neo Chee Teong (Asst Manager, CSIT), Mr Kelvin Goh Kien Ming (PWC), Mr Chiong Yew Heng (Senior Consultant, SAP)  CLICK TO ENLARGE