Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Testing Help

from [Mitchell, Chris (GE Indust, ConsInd, consultant)] Network Security [Permanent Link]
Subject: RE: Testing Help
Date: Mon, 30 Apr 2007 13:05:40 -0400 
The pen-testing profession can cover such a broad array of domains.  We
might be able to better ascertain what might be a more advisable
solution if we knew what kind of audit you were looking to perform.
There are any compliance standards that may be required by the
requestor.  SOX Audits, PCI (Payment Card Industry,) etc.

Perhaps you could describe what the surface area for potential attacks
should look like?  Is this in regard to an Internet Facing Web
Application?  The two references you provided appear to be pretty broad
however, I will admit, I could have spent more time researching them.

Hope I can help,

Chris



-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of Lisa L Cooper
Sent: Monday, April 30, 2007 11:16 AM
To: pen-test@securityfocus.com
Subject: Testing Help

I'm new to the list so please bare with me. I would however like some
advice on the following issue. An audit request has prompted us to
investigate network pen testing. We are looking at the following
options. 

1. Outside vendors such as Network Armor, and Rapid 7. Have any of you
used these and if so, which one, and were you satisfied?

2. We have Nessus, but as I'm sure you guys know the reporting is awful.
Do any of you know if anyone has written a good program to help out with
this situation?

Lisa L. Cooper,  lisa.cooper@louisville.edu University of Louisville
Information Technology Enterprise Network Security Miller IT Bldg, Room
109 Louisville, KY 40292




------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic See HOW Now with our 20/20
program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Testing Help, Matt
Next by Date:  Re: Testing Help, David Gadoury
Previous by Thread:  Re: Testing Help, Matt
Next by Thread:  Re: Testing Help, David Gadoury
Indexes:  [Date] [Thread] [Top] [All Lists]