RE: Pen Test liability waiver form

Next time you're browsing in you favorite computer book store check out a 
copy of "The Ethical Hack: A Framework for Business Value Penetration 
Testing" by James S. Tiller. (Amazon will have the ISBN). Not only is it a 
great read but page 156 has a quite comprensive sample legal agreement. Not 
sure if the book's copyright would prevent you from using it as a starting 
point. The following page has a sample Get out of Jail Free card.

Always check with your legal dept on exact wording.

David.
> "Chris Serafin" <chris@chrisserafin.com>
> No Phone Info Available
> 02/15/2006 11:04 PM
>
> To
> <e.lewis@infosecurityconsult.com>, <pen-test@securityfocus.com>
> cc
>
> Subject
> RE: Pen Test liability waiver form
>
> > Try sans.org, I know they have a bunch of vanilla policies.
>
> Chris Serafin
> IT Security / VoIP Engineer
> chris@chrisserafin.com
>
> -----Original Message-----
> From: e.lewis@infosecurityconsult.com
> [mailto:e.lewis@infosecurityconsult.com]
> Sent: Tuesday, February 14, 2006 10:27 AM
> To: pen-test@securityfocus.com
> Subject: Pen Test liability waiver form
>
> Hello Everyone!
>
>
>
>             Does anyone know where I can find a good pen-test Liability
> waiver? I need a good one that I can alter to fit my needs. I know im
> being
> lazy. :-)
>
> ----------------------------------------------------------------------------
> --
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
>
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers
> are
>
> futile against web application hacking. Check your website for
> vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before
> hackers
> do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> ----------------------------------------------------------------------------
> ---
>
>
>
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
>
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers
> are
> futile against web application hacking. Check your website for
> vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before
> hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------

_________________________________________________________________
Get 10Mb extra storage for MSN Hotmail. Subscribe Now! 
http://join.msn.com/?pgmarket=en-hk


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------