Talk:Offensive Security

This article is rated C-class on Wikipedia's content assessment scale.
It is of interest to the following WikiProjects:

Companies Low‑importance

This article is within the scope of WikiProject Companies, a collaborative effort to improve the coverage of companies on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.CompaniesWikipedia:WikiProject CompaniesTemplate:WikiProject Companiescompany articles

Low This article has been rated as Low-importance on the project's importance scale.

WikiProject Companies To-do:

Here are some tasks awaiting attention:

Article requests : Wikipedia:Requested articles/Business and economics/Companies
Assess : Category:Unassessed company articles
Copyedit : Category:Company articles needing attention
Infobox : Category:Company articles needing infoboxes
Maintain : Portal:Companies
Stubs : Help expand stub articles located at Category:Company stubs
Other :
- Tag company articles with the {{portal|Companies}} template
- Tag company talk pages with the {{WikiProject Companies}} project banner
- Answer requests for comments

Computer Security: Computing Low‑importance

This article is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Computer SecurityWikipedia:WikiProject Computer SecurityTemplate:WikiProject Computer SecurityComputer Security articles

Low

This article has been rated as Low-importance on the project's importance scale.

This article is supported by WikiProject Computing.

Things you can help WikiProject Computer Security with:

Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information...

Answer question about Same-origin_policy
Review importance and quality of existing articles
Identify categories related to Computer Security
Tag related articles
Identify articles for creation (see also: Article requests)
Identify articles for improvement
Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc.
Find editors who have shown interest in this subject and ask them to take a look here.

Advert and unreliable sources tags[edit]

Between the long list of provided services with attractive copy (but no secondary reliable sources) and the inclusion of trivial content such as the company's recommendations for what to do during the covid19 pandemic, this article comes off like a brochure for the subject. While it does seem like there's enough reliable coverage to establish notability, the article includes multiple citations to sources that do not look reliable, such as Security Boulevard, which appears to primarily be a blog host. _signed,Rosguill ^talk 22:03, 19 March 2020 (UTC)[reply]

@Rosguill: Thanks for the review. FYI (in case you didn't review the history), this article was merged from two previous drafts and my own notes (some discussion here) while also editing other related articles. So, rather than toss all the "attractive copy" without good sources (which was mostly from previous drafts), it was left for future fixup and improved sourcing. The CEO wrote a more detailed (primary source) article on working from home, after the USA Today article, so that trivial mention could be expanded, perhaps.[1] On Security Boulevard, how sure are you? I see it has been used in 13 other articles[2], not that precedents carry any weight. They also list 2 people as Editors [3], and I found their articles to be better than typical "blog" quality. No previous RSN discussions were found.[4] -- Yae4 (talk) 12:35, 20 March 2020 (UTC)[reply]

Yae4, my assessment of Security Boulevard is based on their About page [5], where they say that the majority of their posts are blogs, and openly solicit people to contribute. _signed,Rosguill ^talk 17:17, 20 March 2020 (UTC)[reply]

Re Rosguill and "Failed Verification" for Gray Hat book[edit]

Re "failed verification"[6], see the summary from this search[7] where it says:

Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition
Allen Harper, ‎Shon Harris, ‎Jonathan Ness - 2011 - ‎
The best next step after downloading and playing with Metasploit is to explore the excellent, free online course Metasploit Unleashed. You'll find ways to use Metasploit in all phases of penetration testing. Metasploit includes host and ...

-- Yae4 (talk) 21:23, 27 March 2020 (UTC)[reply]

Yae4, my search summary didn't include this snippet. Generally speaking, you should always provide page numbers for book citations. That having been said, I'm satisfied with the above. _signed,Rosguill ^talk 22:01, 27 March 2020 (UTC)[reply]

BackTrack[edit]

The lead at BackTrack says In March 2013, the Offensive Security team rebuilt BackTrack around the Debian distribution and released it under the name Kali Linux, which is cited to a self-published post by Offensive Security. I see that there's another primary source saying that Matt Aharoni was involved, but I don't see how we can then conclude that it was developed with assistance and supervision from Offensive Security as is currently written. Finally, I'm not seeing where it's established that the distribution is widely used by security experts, which we really need a citation for. _signed,Rosguill ^talk 22:06, 27 March 2020 (UTC)[reply]

The infobox has another source, in archive,[8] that names "Muts" of Offensive Security as one of two "Coordinators." Distrowatch clearly shows Kali/Offensive security as "owning" Backtrack; https://distrowatch.com/backtrack redirects to Kali, and has plenty of reviews listed... The wording can be modified of course, but truth is. -- Yae4 (talk) 23:13, 27 March 2020 (UTC)[reply]

Having clicked through the reviews, I don't know that we can conclude that from these sources. The distrowatch source is a database entry that says "formerly BackTrack", but it's not clear who wrote it or what it means (is it a successor project? Did they just rename it? Somewhere in between?). One of the more reliable looking reviews calls Kali Linux a successor to BackTrack [9], but I don't think that necessarily entails that Offensive Security was involved in BackTrack, and certainly doesn't entail that they were supervising it. As for the Backtrack about page, it's not clear what "coordinator" means in this context, nor is it clear what the relationship between Muts and Offensive Security is, Offensive Security is merely listed as their personal website.

Based on the information available, I think that BackTrack should be mentioned in the Kali Linux section, and the relationship between the two distributions should be the focus, rather than Offensive Security's role in developing BackTrack. I think that basically any claim that could be made about direct involvement with BackTrack based on the sources presented here is original research. _signed,Rosguill ^talk 23:37, 27 March 2020 (UTC)[reply]

update: I see that one of the sources added for the first claim clearly identifies a relationship between OS and BackTrack, so I think that point is addressed. _signed,Rosguill ^talk 23:49, 27 March 2020 (UTC)[reply]

Wiki-correct handling of Rebranding of Offensive Security to OffSec?[edit]

What is wiki-correct handling of a Rebranding of Offensive Security to OffSec?

Include in discussion of company history as/if sourcing supports
Simply substitute the new brand name for the old brand name, wherever it occurs
Other

-- Yae4 (talk) 11:29, 27 April 2023 (UTC) Background:[reply]

Some time around March 1, 2023 a rebrand was announced.[10][11]
An editor (with relatively few edits Special:Contributions/Gt6336) changed the Offensive Security article on March 5, 2023, and moved it to OffSec and changed it a little more on March 27.[12]. Similar, with fewer editorial changes, was done at OffSec_Certified_Professional, formerly Offensive Security Certified Professional.
I am not sure if this is is best described as Rebranding#Corporate_rebranding or Rebranding#Small_business_rebranding, but should it follow the example of Altria where the rebranding is covered in the article, or should it be a simple name substitution as done by Gt6336?
An example of concern in OffSec is the change to say: In 2019, J.M. Porup of CSO online wrote "few infosec certifications have developed the prestige in recent years of the OffSec Certified Professional (OSCP)," because the citation actually says "Offensive Security" not Offsec, so the quotation longer matches the source.
Note: Related articles Kali_Linux and Kali_NetHunter have not yet been changed to reflect the rebrand.
Note2: This has not been discussed on the articles' Talk pages. A COI notification by another editor, and claim of non-COI is at User_talk:Gt6336.
I feel the edits at OffSec and OffSec_Certified_Professional should be mostly undone and the rebrand should be handled differently, but would feel better having independent confirmation and consensus first. Thanks. -- Yae4 (talk) 11:29, 27 April 2023 (UTC)[reply]

@Yae4: I'm having difficulty working out what is the neutral statement here. Also, you begin with a list, which is against the statement should not begin with a list in the same guideline. --Redrose64 🌹 (talk) 12:21, 27 April 2023 (UTC)[reply]

@Redrose64: Statement added above. -- Yae4 (talk) 15:27, 27 April 2023 (UTC)[reply]

(Invited by the bot) This is an article about the company. The name of the article should be the name of the company, not whatever word the marketing department is "embracing" this month. The renaming of the article was a bold move that should be reversed per BRD and then the final decision would come from the outcome of this RFC. North8000 (talk) 14:14, 27 April 2023 (UTC)[reply]

(bot spam as well) - The correct way is to move it to the new name, change the instances of its old name to new, then add a sentence about its name change. There should also be something about it being "originally known as" or something similar in order to distinguish it. This is just "in general" and each page would be slightly different. HOWEVER, we are putting the cart before the horse in this case as my opinion is assuming there are plenty of reliable sources documenting the name change. In this case, there is not so the page needs changed back to its original name per North8000 until those sources are available. --CNMall41 (talk) 21:27, 27 April 2023 (UTC)[reply]

They didn't change their company name.North8000 (talk) 17:17, 28 April 2023 (UTC)[reply]

(Invited by the bot) The names of the pages should not have been changed without proof that the company has actually changed its name. Reverse these name changes and edit accordingly, i.e. the rebranding can be mentioned on the page but should not be the name of the page. Qflib, aka KeeYou Flib (talk) 19:06, 28 April 2023 (UTC)[reply]

@North8000, Qflib, and Redrose64: Thanks for your comments. The changes have been undone, and I will remove the Rfc without formal closure. -- Yae4 (talk) 14:16, 4 May 2023 (UTC)[reply]