[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - )

To: secreview <secreview@xxxxxxxxxxxx>, "full-disclosure@xxxxxxxxxxxxxxxxx >> full-disclosure" <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - )
From: Martin Zimmermann <mdz@xxxxxxxxxxx>
Date: Wed, 02 Jan 2008 01:04:42 +0100

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
  <meta content="text/html;charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
<font face="Courier New">Nice try, but....<br>
<br>
<img alt="" src="cid:part1.05010603.09070904@prohest.com" height="363"
 width="330"><br>
<br>
Adding, spelling and content sucks. Do better research next time.<br>
<br>
So thats; 2 try's, 2 Fails, 0 passed on your reviews.<br>
<br>
</font><font face="Courier New">/See me after class..<br>
<br>
</font><font face="Courier New">Hugz<br>
<br>
<img alt="" src="cid:part2.09090905.04010903@prohest.com" height="88"
 width="88"><br>
</font><br>
secreview skrev:
<blockquote
 cite="mid:1199135608713.cf608afc-1199-4eee-948b-dcb5f8fd579a@xxxxxxxxxx"
 type="cite">
  <meta http-equiv="Context-Type" content="text/html; charset=UTF-8">
QuiteMove, located at <a moz-do-not-send="true"
 href="www.quietmove.com">http://www.quitemove.com</a> is a small
Professional IT Security Services Provider that offers Training
services, Incident Response Services, Web Application Security Services
and Penetration Testing Services. QuiteMove was started by Adam Munter
in 2006 along with Jeffrey Rassas, and James Garvey, Jr. You can read
their mission statement here "<a moz-do-not-send="true"
 
href="http://www.mywikibiz.com/Directory:QuietMove";>http://www.mywikibiz.com/Directory:QuietMove</a>"
(but its pretty basic).<br>
  <br>
When reviewing the QuiteMove website and people we were not the least
bit impressed. The QuiteMove website is packed full of grammatical
errors and many of the services don't even have descriptions. The
services that do have descriptions are very poorly written and very
poorly defined. Take a look at their Penetration Testing service
offering as an example. If you want to see an example of no content
check out their Social Engineering offering.<br>
  <br>
Since we were unable to extract anything useful from the materials
provided to us by QuiteMove we decided to focus on the talent behind
QuietMove. Unfortunately we were equally unimpressed. The only
technically oriented team members that we were able to identify within
QuietMove were Adam Munter, who is a founder and Marcin Wielgoszewsk,
who is a very "green" consultant. Seeing as Adam Munter is being
positioned as the technical visionary for QuietMove, we decided to
focus on him and not on Marcin.<br>
  <br>
Adam's Linkedin Bio: <a moz-do-not-send="true"
 href="http://tinyurl.com/yt9j2y";>http://tinyurl.com/yt9j2y</a><br>
  <br>
As it turns out Adam Munter worked for Accuvant, a company that
competes directly with Adam's QuietMove; prior to founding QuietMove.
Adam's role at Accuvant was to lead consultants on IT Security
Engagements for large orginazations. In conjunction with this, Adam
also spoke at conferences. He worked here for 1 year and 1 month.<br>
  <br>
Prior to working for Accuvant, Adam worked for Pegasus Solutions Inc.
as the acting Chief Security Officer. Pegasus is the largest hotel
reservation distribution system vendor and a major vendor of Hotel
Management systems. Adam did get some Sarbanes Oxley work under his
belt as he helped Pegasus to successfully "marshall" through their
first audit. Adam also initiated the program to help get Pegasus to be
Visa CISP compliant, including evaluating and changing their handling
of payment Cardholder data. He worked here for 2 years and 1 month.<br>
  <br>
>From August 2000 to January 2003 Adam was a "Founding member of IBM's
Ethical Hacking Center of Competency." His responsibilities included
being a technical interviewer for new hires, a Penetration Testing
Subject Matter Expert, and the performance of consulting engagements
for clients ranging from midsize companies and government agencies to
the fortune 500. Adam worked for IBM for 2 years and 6 months.<br>
  <br>
So if we add up the relevant experience that Adam has had according to
his linked in bio we get 1 year and 1 month + 2 years and 6 months,
which is a grand total of 3 years and 7 months of professional IT
Security Consulting Experience. Not sure about our readers, but to us
at Secreview that hardly makes Adam an IT Security Expert.<br>
  <br>
But wait, now we have a discrepancy...<br>
  <br>
According to the QuietMove website, Adam "has over 14 years of
experience in information security, software, and product R&amp;D with
8 years being dedicated solely to security." His QuietMove bio goes on
to say "Adam’s particular talents include penetration testing of web
and binary applications, networks, systems, and SCADA, “social
engineering” and physical penetration of facilities, and in developing
professional services offerings." <br>
  <br>
This just doesn't add up.<br>
  <br>
Anyway, remember we didn't set out to bash anyone here, but
Adam/QuietMove put himself/themselves in the line of fire. QuietMove
appears to be a very small and disorganized shop. Their website is
half-assed and incomplete and we can't say anything better about their
talent profile. We suggest that QuietMove complete their website and
review their talent profile, then we'll set out to do another review
and see if they score better. As of right now, we can't give them more
than a D-. We'll keep an eye on their website and redo this review if
they ever fix their issues.<br>
  <br>
  <br>
Score Card (Click to Enlarge)<a moz-do-not-send="true"
 
href="http://bp1.blogger.com/_VcwqM25xL9M/R3lFJMGqVQI/AAAAAAAAAB8/up18_GDuZ8c/s1600-h/Y022OY.jpeg";><img
 moz-do-not-send="true" alt=""></a>
  <br>
  <br>
--<br>
Posted By secreview to <a moz-do-not-send="true"
 href="http://secreview.blogspot.com/2007/12/quietmove-d.html";>Professional
IT Security Providers - Exposed</a> at 12/31/2007 11:32:00 AM
  <pre wrap="">
<hr size="4" width="90%">
_______________________________________________
Full-Disclosure - We believe in it.
Charter: <a class="moz-txt-link-freetext" 
href="http://lists.grok.org.uk/full-disclosure-charter.html";>http://lists.grok.org.uk/full-disclosure-charter.html</a>
Hosted and sponsored by Secunia - <a class="moz-txt-link-freetext" 
href="http://secunia.com/";>http://secunia.com/</a></pre>
</blockquote>
<br>
<div class="moz-signature">-- <br>
<meta content="text/html; " http-equiv="content-type">
<title>mail sig</title>
<br>
<div align="center"><a href="http://www.linkedin.com/in/mdzdk";> <img
 src="cid:part3.03040705.09070304@prohest.com"
 alt="View Martin Dipo Zimmermann's profile on LinkedIn" border="0"
 height="30" width="120"></a></div>
<table border="0" cellpadding="1" cellspacing="1" width="100%">
  <caption align="bottom"><br>
  </caption><tbody>
    <tr>
      <td align="undefined" bgcolor="white" valign="undefined"
 width="100"><font face="Courier New, Courier, monospace"><br>
”If you think technology is gonna solve your security problems,
then you dont understand your problems, and you dont understand the
technology..”<br>
      </font>
      <div align="center"><font face="Courier New, Courier, 
monospace"><big>Bruce
Schneier</big></font><br>
      </div>
 
      <div align="center"><font color="#3333ff"
 face="Courier New, Courier, monospace">-----BEGIN PGP SIGNATURE-----</font><br>
      </div>
      <div align="center"><font color="#009900"
 face="Courier New, Courier, monospace"><a class="moz-txt-link-abbreviated" 
href="mailto:mdz@xxxxxxxxxxx";>mdz@xxxxxxxxxxx</a></font><font
 color="#009900"><br>
      </font><font color="#009900"
 face="Courier New, Courier, monospace"><a class="moz-txt-link-freetext" 
href="http://www.prohest.com";>http://www.prohest.com</a></font><font
 color="#009900"><br>
      </font><font color="#009900"
 face="Courier New, Courier, monospace">Version: GnuPG v1.4.7 </font><font
 color="#009900"><br>
      </font><font face="Courier New, Courier, monospace"><font
 color="#33cc00"><font color="#009900">Primary key fingerprint:  BDB3
A681 67AC 4D2D 8A62 D1EC 64D1 531B 81B5 4B5A</font> </font></font><br>
      <font color="#3333ff" face="Courier New, Courier, monospace">-----END
PGP SIGNATURE-----</font><br>
      </div>
 
      <div align="center"><font face="Courier New, Courier, monospace">"Never
believe anything until it's officially denied."<br>
      <big>Claud Cockburn</big></font><br>
      </div>
      <br>
      <br>
      <div align="center"> <a
 
href="http://www.shirtcity.com/myshirtshop/merchandising/513218/t-shirtshop.html";><img
 alt="" src="cid:part4.05060104.06030603@prohest.com" border="2"
 height="103" width="400"></a></div>
      </td>
    </tr>
  </tbody>
</table>
</div>


<BR><BR>
<TABLE width=400><HR>
<P style="FONT: 9pt/11pt verdana"><a href="http://www.avast.com";>avast! 
Antivirus</a>: Outbound message clean.
<P style="FONT: 8pt/11pt verdana">Virus Database (VPS): 080101-0, 
01-01-2008<BR>Tested on: 02-01-2008 01:04:42<BR><FONT color=gray>avast! - 
copyright (c) 1988-2008 ALWIL Software.</FONT></P>
<TBODY></TBODY></TABLE>
<BR>

</body>
</html>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - )
  - From: secreview

Prev by Date: Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - )
Next by Date: [Full-disclosure] Corporations and Institutes to target for attack & exploitation
Previous by thread: Re: [Full-disclosure] [Professional IT Security Providers - Exposed] QuietMove ( D - )
Next by thread: Re: [Full-disclosure] [Professional IT Security Providers - Exposed]QuietMove ( D - )
Index(es):
- Date
- Thread