Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Pen Test Contracts

from [rkraus] Network Security [Permanent Link]
Subject: Pen Test Contracts
Date: 12 Jul 2006 16:33:25 -0000 
Hello All,

I am curious if anyone happens to have a few documents that may assist me. I am 
not looking to re-create the wheel and would appreciate any help.

I am looking for a few templates that I can use for (of course I would modify 
them to reflect my organizations):

1.    Internal Approval for penetration testing. This is the type you would use 
to gain written approval from your internal management to perform penetration 
testing on your own network.

2.    Customer Approval Contract for External Penetration Testing - This form 
is used for getting written approval from your customers to perform penetration 
testing on their networks. This usually will include the scope and any 
guidelines for the engagement of the pen-testing activities.

3. Proposal. If anyone has a example of a proposal for costing information for 
different services.

I have found a few on the internet but most are very brief and do not cover 
what I would think a normal agreement would cover.

If you wish to email me directly I would not mind at all. Thanks for any 
assistance the mail-list can provide!!

Thanks,

 Rob Kraus

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Skype exploitable vulnerabilities and risks pointers, Chris Serafin
Next by Date:  Re: Skype exploitable vulnerabilities and risks pointers, Cedric Blancher
Previous by Thread:  Logging IP Address of Failed login attempts, M4ch3T3 Hax
Next by Thread:  Re: Pen Test Contracts, Christine Kronberg
Indexes:  [Date] [Thread] [Top] [All Lists]