I agree with Nate. It's odd how you dismiss any critics as 'trolls,' and
only believe that people who compliment your efforts are 'legitimate
readers.' As an author and public speaker I know that I get the most value
from people who critique my work because they help me to improve. Sure,
being slapped on the back feels good, but having someone point out my
mistakes helps me to fix them.
From: full-disclosure-bounces@lists.grok.org.uk
[mailto:full-disclosure-bounces@lists.grok.org.uk] On Behalf Of Nate
McFeters
Sent: Friday, December 21, 2007 2:08 PM
To: SecReview
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] [Professional IT Security Reviewers -
Exposed] SecReview ( A + )
Unless I missed something, these seemed like legitimate responses. They may
not have all been delivered with tact, but I mean, you are on FD, what did
you expect?
I think some valid points are brought up about your credentials and your
process.
Nate
On 12/21/07, SecReview <secreview@hushmail.com> wrote:
PaulM:
You'd be right only if you weren't wrong. That being said, we're
not going to talk to the trolls any more. While it might be amusing
it's a waste of our time, and our readers time.
We will continue to write reviews and will continue to be as honest
and truthful as possible during our reviews. Likewise, if any of
our legitimate readers have any questions or comments about our
blog, we'd very much appreciate them. We especially want people to
comment if they have worked with a vendor that we have assessed, we
want to know your experience. Other than that, thanks for your time
and thanks for reading!
On Fri, 21 Dec 2007 07:00:40 -0500 Paul Melson <pmelson@gmail.com>
wrote:
On Dec 20, 2007 7:19 PM, SecReview < secreview@hushmail.com
<mailto:secreview@hushmail.com> > wrote:
1.) What are your qualifications for reviewing these
companies?
We are a team of security professionals that have been
performing a
wide array of penetration tests, vulnerability assessments, web
application security services etc. One of our team members has
founded two different security companies both of which have been
very successful and have offered high quality services. Yes we
have
all sorts of pretty little certifications, but those don't
really
matter.
So this is basically a tacit admission that every one of your
"team"
has something to gain by smearing the competition. At this point,
I'm
inclined to believe that the firms you've scored favorably are
your
employers. You're not only incompetent, it seems that you're
unethical as well. Not that I'm surprised.
PaulM
Regards,
The Secreview Team
http://secreview.blogspot.com
--
Click for free information on accounting careers, $150 hour potential.
http://tagline.hushmail.com/fc/Ioyw6h4dCaRmEr952Q9rDz2W8lHgc6veIDv3aadT6aNuL
UwzQUCOfu/
Professional IT Security Service Providers - Exposed
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
