A group of security developers has called for an industry standard for internet security testing. The group, called Ideahamster, which includes a mixture of security experts and developers, has suggested that the introduction of such a standard would make it easier . . .
A group of security developers has called for an industry standard for internet security testing. The group, called Ideahamster, which includes a mixture of security experts and developers, has suggested that the introduction of such a standard would make it easier for users to judge security products. Security firms currently use a number of different methodologies for testing their products.

Members of the group said the idea of the Open Source Security Testing Methodology Manual was spawned after they became "sick of reading bland testing methodology descriptions".

Group member Pete Herzog said that the focus of the manual "is to set forth a standard for internet security testing. Regardless of firm size, finance capital and vendor backing, any network or security expert who meets the outline requirements in this manual is said to have completed a successful security snapshot and therefore, if nothing else, has been thorough."

The link for this article located at vnunet is no longer available.