Project : Samaritan

Websites like the Honeynet project et.al. are a psychological victory for the positive security scene. People are now more motivated to play on the good side than the bad. There is a need to highlight this aspect along with the technological impact. We are standing at a very important juncture in time, this is a moment where all of you us can choose to empower a positive culture and climate atleast in our field.

Behind every exploit, code and project out there, are people. They have emotions, needs and real issues. Many of the contributors to the scene are students, people starting out in life. Everyone needs some acknowledgement and friends. Not everyone is from your part of the world, so he may not be able to get into a top class university or afford that glitzy SANS training program.

My idea is this - build up free and respected, vendor-neutral training modules and certifications systems in network security that are open to everybody (anyone with an e-mail can sign up and work thru the levels). Remember what Hotmail did to free e-mail ?

The tutorials, learning processes can be developed, each level will have increasing difficulty .. the last level may be when the indvidual does something amazing (like developing a tool). These personal achievements are documented via a retrievable web reference (which can be used for the real world by the individual) coupled with rewards like a free shot at the established certifications or courses.

Think about it. There are a lot of beginners who have a good head on their shoulders, would you rather have them become a nobody or give them the opportunity to prove themselves ? There is power and velocity in good intent. It's all about intent. Unlock this and you've solved the fundamental problem of information security.. making sure that the good guy does'nt become the bad guy.

- Arun Darlie Koshy