Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - )

[Adam Muntner <adam.muntner@xxxxxxxxxxxxx>]

Your review gets a d-.

You can't add. You can't spell. Your skills appear to be limited to  
rudimentary use of a browser and linkedin.com. In combination with  
your undeserved and unearned sense of self importance, pretty pathetic.

You spelled Marcin's last name wrong. Great use of linkedin.com. You  
can't even cunt n paste. He interned for us last semester. He isn't a  
front line consultant. So,you fail the ^c ^v and spelling practical,  
as well as the investigative one. We have 2 other consultants besides  
myself-they don't use linkedin and you didnt find them. Our clients  
know our consultants. We don't post their names on the website.

F is for failure.

As for my experience - I was also a the security officer for an at the  
time publicly traded company for 2 years, the IT director of 2 .com  
startups where security was my responsibility for several years, and  
for the last 2 have been deeply involved with all customer engagements.
Prior to that I spent the 90s architecting, developing, and leading  
developer teams.
I hsve been pentesting since 98 and nearly nonstop since 2000. You  
were what, 11 years old then? Clearly, basic arithmetic isn't a strong  
point of yours, either. I suspect you spent the 90s in grammar school.  
At lest you seemed to learn something there.

On that note....

Most of our clients are referred by others who are very satisfied with  
the work we perform. Not by the website. It doesn't get a lot of  
attention - were small but growing and focused on serving our clients.  
I know basic HTML seems like the pinnacle of achievement to you, but  
we aren't in the business of making pretty web pages. We discuss our  
methodology with our clients-we don't post it on the web. I know you  
were hoping to learn nimething. Hacking for dummies might be more your  
speed, after you perfect your Cunt and Paste skills.

I took the plunge and started what is now a growing business nearly 2  
years ago, and we now serve 3 fortune 1000 clients, replacing much  
larger firms, plus a good number of midsize clients. Being an  
entrepreneur is a lot more challenging than being an anonymous  
anklebite, though from your moms basement it might not seem that way.

I'm heading to Manhattan for some R&R right now. If you are in the  
vicinity let me know, I'll buy you a beer (if you're 21) and you can  
meet me yourself and post a review or somthing.

Don't take this wrong - consider it constructive criticism and try  
harder next time. It's good to know we are recognized enough to be  
noticed by the mighty, anonymous secreview. This might even double our  
daily web traffic to 20 visitors. ;)

Adam Muntner
Managing Partner
QuietMove, Inc.
http://www.quietmove.com

Sent from my iPhone

On Dec 31, 2007, at 4:13 PM, secreview <secreview@xxxxxxxxxxxx> wrote:

> QuiteMove, located at http://www.quitemove.com is a small  
> Professional IT Security Services Provider that offers Training  
> services, Incident Response Services, Web Application Security  
> Services and Penetration Testing Services. QuiteMove was started by  
> Adam Munter in 2006 along with Jeffrey Rassas, and James Garvey, Jr.  
> You can read their mission statement here "http://www.mywikibiz.com/Directory:QuietMove 
> " (but its pretty basic).
>
> When reviewing the QuiteMove website and people we were not the  
> least bit impressed. The QuiteMove website is packed full of  
> grammatical errors and many of the services don't even have  
> descriptions. The services that do have descriptions are very poorly  
> written and very poorly defined. Take a look at their Penetration  
> Testing service offering as an example. If you want to see an  
> example of no content check out their Social Engineering offering.
>
> Since we were unable to extract anything useful from the materials  
> provided to us by QuiteMove we decided to focus on the talent behind  
> QuietMove. Unfortunately we were equally unimpressed. The only  
> technically oriented team members that we were able to identify  
> within QuietMove were Adam Munter, who is a founder and Marcin  
> Wielgoszewsk, who is a very "green" consultant. Seeing as Adam  
> Munter is being positioned as the technical visionary for QuietMove,  
> we decided to focus on him and not on Marcin.
>
> Adam's Linkedin Bio: http://tinyurl.com/yt9j2y
>
> As it turns out Adam Munter worked for Accuvant, a company that  
> competes directly with Adam's QuietMove; prior to founding  
> QuietMove. Adam's role at Accuvant was to lead consultants on IT  
> Security Engagements for large orginazations. In conjunction with  
> this, Adam also spoke at conferences. He worked here for 1 year and  
> 1 month.
>
> Prior to working for Accuvant, Adam worked for Pegasus Solutions  
> Inc. as the acting Chief Security Officer. Pegasus is the largest  
> hotel reservation distribution system vendor and a major vendor of  
> Hotel Management systems. Adam did get some Sarbanes Oxley work  
> under his belt as he helped Pegasus to successfully "marshall"  
> through their first audit. Adam also initiated the program to help  
> get Pegasus to be Visa CISP compliant, including evaluating and  
> changing their handling of payment Cardholder data. He worked here  
> for 2 years and 1 month.
>
> From August 2000 to January 2003 Adam was a "Founding member of  
> IBM's Ethical Hacking Center of Competency." His responsibilities  
> included being a technical interviewer for new hires, a Penetration  
> Testing Subject Matter Expert, and the performance of consulting  
> engagements for clients ranging from midsize companies and  
> government agencies to the fortune 500. Adam worked for IBM for 2  
> years and 6 months.
>
> So if we add up the relevant experience that Adam has had according  
> to his linked in bio we get 1 year and 1 month + 2 years and 6  
> months, which is a grand total of 3 years and 7 months of  
> professional IT Security Consulting Experience. Not sure about our  
> readers, but to us at Secreview that hardly makes Adam an IT  
> Security Expert.
>
> But wait, now we have a discrepancy...
>
> According to the QuietMove website, Adam "has over 14 years of  
> experience in information security, software, and product R&D with 8  
> years being dedicated solely to security." His QuietMove bio goes on  
> to say "Adam’s particular talents include penetration testing of web 
>  and binary applications, networks, systems, and SCADA, “social engi 
> neering” and physical penetration of facilities, and in developing p 
> rofessional services offerings."
>
> This just doesn't add up.
>
> Anyway, remember we didn't set out to bash anyone here, but Adam/ 
> QuietMove put himself/themselves in the line of fire. QuietMove  
> appears to be a very small and disorganized shop. Their website is  
> half-assed and incomplete and we can't say anything better about  
> their talent profile. We suggest that QuietMove complete their  
> website and review their talent profile, then we'll set out to do  
> another review and see if they score better. As of right now, we  
> can't give them more than a D-. We'll keep an eye on their website  
> and redo this review if they ever fix their issues.
>
>
> Score Card (Click to Enlarge)
>
> --
> Posted By secreview to Professional IT Security Providers - Exposed  
> at 12/31/2007 11:32:00 AM
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/