Network Security: Detailed info on Re: Why Penetration Test?

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Pen-Test

[Top] [All Lists]

Re: Why Penetration Test?

from [cbc] Network Security

[Permanent Link]

Subject:	Re: Why Penetration Test?
Date:	Fri, 10 Jun 2005 23:42:39 -0700 (PDT)


Hi All,

My comments on these are:

A pentest which is useful and is able to add value to
a company who pays the service is only if the results
and finding are tally with the goal and expectation
established during the initiation of the exercise.

It is meaningless to judge which scenarios is the best
as if my goal of a pentest is to find as many as
vulnerabilites you can and exploit it, then I will say
scenario C is the best. But if my goal is to find
which vulnerbailities would impact my business most,
then scenario A is a better candidate.

In summary, ensuring a proper goal and expectation is
achieved during the planning stage is very vital. You
will find the evaluation and management process more
manageable by doing so!


Regards,
Boon Chin, 
Senior Security Consultant, Singapore

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Why Penetration Test?, tarunthenut Re: Why Penetration Test?, Terry Vernon RE: Why Penetration Test?, Erin Carroll Re: Why Penetration Test?, Brahman Thiyagalingham Re: Why Penetration Test?, cbc <= Re: Why Penetration Test?, Daniel Reynaud-Plantey Re: Why Penetration Test?, Amit Re: Why Penetration Test?, Rob Havelt Re: Why Penetration Test?, Petr . Kazil Re: Why Penetration Test?, Matt Curtin RE: Why Penetration Test?, DUBRAWSKY, IDO (CALLISMA) RE: Why Penetration Test?, Tony Tulio Re: Re: Why Penetration Test?, tarunthenut Re: Why Penetration Test?, Terry Vernon Re: Why Penetration Test?, Gareth Davies

Previous by Date:	RE: Why Penetration Test?, Tony Tulio
Next by Date:	[Snort-users] Unrecognized attack patterns against IIS, Michael Scheidell
Previous by Thread:	Re: Why Penetration Test?, Brahman Thiyagalingham
Next by Thread:	Re: Why Penetration Test?, Daniel Reynaud-Plantey
Indexes:	[Date] [Thread] [Top] [All Lists]