Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Management
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: bank audit pen test

from [Brad Bemis] Network Security [Permanent Link]
Subject: RE: bank audit pen test
Date: Sun, 30 Oct 2005 10:07:15 -0800 
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

"It depends" is the most common answer to any legal questions
resulting from a security issue.  The answer is to be very careful in
developing your contract language and consult a legal professional. 
There are a lot of options for approaching this, but at the very
least make sure that your contract clearly limits your liability to
the cost of your services (or less) and nothing more.   

Brad Bemis, CISSP, CISA
Information Security Professional

- -----Original Message-----
From: Keenen Milner [mailto:kmilner@ghcllc.com] 
Sent: Saturday, October 29, 2005 9:03 AM
To: Coreappsecurity Mailing List;
security-management@securityfocus.com
Subject: bank audit pen test

I have a different twist on the bank audit question.

If as part of the audit, you perform a pen test and the bank gets
hack the day after you deliver your results, can you be sued? I know
anyone can sue anyone for anything but how can you realistically
reduce the chance you get sued.

Best Regards,
Keenen
____________________________________________________
Keenen Milner
Lead Partner - Computer Forensics and Technology Consulting GHC
Information Systems, LLC Grobstein Horwath and Company, LLP
15233 Ventura Boulevard, 9th Floor
Sherman Oaks, California 91403
(818) 325-8466 - voice
(818) 325-8566 - fax
____________________________________________________ 



-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQIVAwUBQ2UL0giGfsWIs63wAQL/TxAAjIvIU836tjcPLICNi2X7+r9R673WoV1n
0SiHctQDdkizV3NYmFXMUQo3JKa7wDQK350DckGWMyor//S2x5PBO6u/rbnfjW2x
aANW6xiOWKvv1poUTen1gDpKNYz72JZPUMkpvEW5y35M+iaRVFJ/pI9IF2NWKNHH
OJLyZHfqLV1Tpa+CzOi5els7finWWBtfSopxLl8PTNlv8deMQXkJVVdpcQFT5hgb
D6vjN4ZerNaOavL7eYIqEHmi2b2L28SoCRClIWD4rE1DO7+1UUl2YUeHhF4BhFJz
HhLaT96XJgisineRcPqOV/VODxwQL93h0d9ElTWQEwKCjR/lCOWLzEf6GPjc6Dy3
CNscqDSms1UvMtDa7225D44b2dvGdBwlELz1qEx2qbHSD085I0wkTUZHUPW3NuV5
707bcY0Kot0rvKgKAsQXrhurwKRdRXWCiZ24QVyRKDuIkRvlV3feAVNKUBQPP7j8
fh+EJAB3Dy+wGsyFplzS1EcsvG2zsVCfQVXVWvPbGUDoW1UQLas45VKt6LVqxoKg
uR7Y6YYcGwAjLR/Rmxj6e+fXz9yj99F6V1IvR4/8+yxtaFLW98kW/WN3o+dMG4Mn
lxNSwjdmedhr62Vio+y7Fz9fTPp5J/ppYaLwQ7Ro7CIR+zLHBTUyfJChsmleNJdD
r0FP89BQN/4=
=VSnj
-----END PGP SIGNATURE-----
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Next by Date:  RE: IT Department Size, Mark Brunner
Next by Thread:  RE: bank audit pen test, Mark Brunner
Indexes:  [Date] [Thread] [Top] [All Lists]