Did you work on OSSTMM 3?


It's been 7 years since OSSTMM 3 began. It was a long climb uphill because we got rid of all best practices and verified every practice before it went in. We searched for the essence of what security is and we think we found it both mathematically and practically. We did everything we could to make this OSSTMM easier to apply, more efficient, and overwhelmingly better. Many of you were part of that process. Below is the list of those who worked on the OSSTMM and provided value. Please check the list for your name. Make sure it is spelled right, your organization's name is correctly spelled right on there, and your country name is correct. Then just send me the updated information.

If your name doesn't show here it could be just an oversight. It's not personal! 7 years is a long time! So please just help refresh our memories by pointing out what you worked on and if you have correspondence with ISECOM, include that so we can verify it more quickly.

Thanks everyone for your help! And sorry for the cross-spamming but it's important we reach everyone about this to give attribution correctly.

Below is the list in no particular order (sorry!):


Pete Herzog, ISECOM
Marta Barceló, ISECOM
Raoul Chiesa, @Mediaservice.net, ISECOM Board Member, Italy
Richard Feist, Blue Secure Limited, ISECOM Board Member, New Zealand
Nick Mayencourt, Dreamlab Technologies Ltd., ISECOM Board Member, Switzerland
Urs B. Weber, Dreamlab Technologies Ltd., Switzerland
Robert E. Lee, Outpost24, ISECOM Board Member, USA
Jaume Abella, La Salle URL, ISECOM Board Member, Spain
Heiko Rudolph, Admeritia, Germany
Aaron Brown, Admeritia, Germany
Francisco Puente, GCP Global, Mexico
Christoph Baumgartner, OneConsult GmbH, Switzerland
Rick Mitchell, Bell Canada, Canada
Chris Griffin, ISECOM, USA
Kim Truett, ISECOM Board Member, USA
Alberto Perrone, @Mediaservice.net, Italy
Fabio Guasconi, @Mediaservice.net, Italy
Marco Ivaldi, @Mediaservice.net, Italy
Martin Dion, Above Security
Lars Heidelberg, Admeritia, Germany
Martin Pajonk, Admeritia, Germany
Dru Lavigne, Carleton University, Canada
Todd A. Jacobs, Codegnome
Phil Robinson, Digital Assurance, UK
Adrian Gschwend, Dreamlab Technologies Ltd., Switzerland
Daniel Hulliger, Dreamlab Technologies Ltd., Switzerland
Philipp Egli, Dreamlab Technologies Ltd., Switzerland
Simon Nussbaum, Dreamlab Technologies Ltd., Switzerland
Sven Vetsch, Dreamlab Technologies Ltd., Switzerland
Thomas Bader, Dreamlab Technologies Ltd., Switzerland
Colby Clark, Guidance Software, USA
Andy Moore, Hereford InfoSec
Peter Klee, IBM, Germany
Daniel Fernandez Bleda, Internet Security Auditors, Spain
Cor Rosielle, Lab106 & Outpost24, Netherlands
Steve Armstrong, Logically Secure
Simon Wepfer, OneConsult GmbH, Switzerland
Ian Latter, Pure Hacking, Australia
Ty Miller, Pure Hacking, Australia
Jordi André i Vallverdú, La Caixa, Spain
Jim Brown, Thrupoint
Fabrizio Sensibile, Italy
Charles Le Grand
Dave Lauer, USA
Jeremy Wilde, UK
Rob J. Meijer
John Hoffoss, Minnesota State Colleges and Universities, USA
Mike Mooney, USA
Gunnar Peterson, Arctec Group
Dieter Sarrazyn, Ascure nv.
Bob Davies, Bell Canada, Canada
Josep Ruano, Capside, Spain
Adrien de Beaupre, Canada
Clement Dupuis, CCCure, Canada
Armand Puccetti, CEA, France
Jose Luis Martin Mas, davinci Consulting, Spain
Sylvie Reinhard, Dreamlab Technologies Ltd., Switzerland
Josh Zelonis, Dyad Security, USA
Bora Turan, Ernst and Young
Luis Ramon Garcia Solano, GCP Global, Mexico
John Thomas Regney, Gedas, Spain
Mike Aiello, Goldman Sachs
Dirk Kuhlmann, HP, UK
John Rittinghouse, Hypersecurity LLC
Massimiliano Graziani, IISFA, Italy
Jose Navarro, Indiseg
Timothy Phillips, Information Assurance Solutions
Joan Ruiz, La Salle URL, Soain
Víktu Pons i Colomer, La Salle URL, Spain
Don Bailey, Mitre, USA
Roman Drahtmueller, Novell, Germany
Tom Brown, RWE Shared Services IS
Marcel Gerardino, Sentinel
Torsten Duwe, SUSE, Germany
Alexander Herzog, UNLV, USA
Alan Tang
Drexx Laggui, L&A Inc, Philippines
Gary Axten
Hernán Marcelo Racciatti
Jason Woloz, USA
John R. Moser
Manuel Atug
Mike Simpson, USA
Tom O'Connor
Ruud van der Meulen, Netherlands



Pete Herzog - Managing Director - pete@xxxxxxxxxx
ISECOM - Institute for Security and Open Methodologies
www.isecom.org - www.osstmm.org
www.hackerhighschool.org - www.isestorm.org

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.


Relevant Pages

  • Re: And yet more shiao jiao clips
    ... And a 'thousand' other people to compare him to- I've been hit a fair ... And by a couple of other people who could do a similar skill- Mike is very ... The comparisons of ju-art with precursor practices from other countries is ... and considered it a high expression of judo refinement. ...
  • Re: Rebuking those who say they are Christians
    ... to encourage such practices as illegal immigration, ... you appear to be referring to an "evil society" ... >> says John, you're helping the devil. ...
  • Re: Vista Runs Well For Me
    ... John's "Professional" qualifications. ... he's decided are Microsoft's and Apple's best practices? ... the topic of this thread is John being incompetent. ... "Innovation is not about saying yes to everything. ...
  • Re: "Its Magic" VS "explained magic"
    ... On 2007-03-26, John W. Kennedy penned: ... recognize someone as a co-religionist if she practices the same ... Infuriating. ...
  • Re: Vista Runs Well For Me
    ... Inquisitive minds want to know ... John's "Professional" qualifications. ... he's decided are Microsoft's and Apple's best practices? ... the topic of this thread is John being incompetent. ...