Pen Test Study Group in Mumbai

["Balwant Rathore" <balwant () mahindrabt com>]

Hi,

My post’s response at pen-test () securityfocus com on forming a study group in
Mumbai for Penetration Testing was great. We are also giving top priority to
Web Application Penetration Testing.

The penetration test group is a group of professionals operating in INDIA.
We have focused our activities towards learning and upgrading ourselves to a
higher level in information security testing. Hence our primary aim is
towards setting up a smooth knowledge-sharing forum and to create a
community, which will be involved in testing secure architectures.

The group has set itself some small-medium term goals and a road map to
achieving them. Following are some of the initiatives and a brief
description of the same.

Study Workshops
These are short length workshops that answer the primary objectives of the
group knowledge sharing. These workshops will focus on particular topics,
which will be taken up by group members specializing in the same. The
presenter will provide detailed technical information (tools, techniques and
documentation) and wherever possible demonstration on the subject. We will
take OSSTMM as baseline and will try to cover all the topics in depth.
Interested presenters can choose a topic and inform the group moderators who
will coordinate the meet and inform the group.

Break-in Challenges
Some of the group members have setup honeynets to study newer attack
techniques. In the interest of the group the community will jointly conduct
attack challenges for the members. For example a defined group of members
can attack a preset honeynet, which is managed by another defined group of
members. Once the attacker group succeeds the honeynet group will provide an
intrusion report. Group’s concern is more and more learning. So honeynet
group can also coordinate with with attacker group to know all activities
which they have performed. Now Attacker group will share his experience in
town meeting. If attacker and Honeynet group is in remote location, they
will submit an intrusion report. One volunteer from group will study in
depth and share this learning.

Once this cycle is over team members can swap positions to create expertise.
Members can voluntarily register their honeynets for this practice, help to
members wanting to setup a honeynet will also be provided by the community.

Newer activities are in the process of finalization these activities will be
discussed in the group meetings and will be formally introduced to the
group. So come over and help us to create this learning community in
Penetration Testing.

Thanking You.
Sincerely,
Balwant Rathore, CISSP
Security Practices Group,
Mahindra-British Telecom Ltd.
Oberoi Estate Gardens, Chandivali,
Mumbai - 400 072, India.
Tel : +91 22 56922000 Extn - 8010
Fax : +91 22 28528959
Mobile: +91 98208 03333

*********************************************************
Disclaimer

This message (including any attachments) contains 
confidential information intended for a specific 
individual and purpose, and is protected by law. 
If you are not the intended recipient, you should 
delete this message and are hereby notified that 
any disclosure, copying, or distribution of this
message, or the taking of any action based on it, 
is strictly prohibited.

*********************************************************
Visit us at http://www.mahindrabt.com