From: SD List (list@security-database.com)
Date: Wed Jan 24 2007 - 04:56:16 EST
Hi,
You should take a look on Open Source Security Testing Methodology
(OSSTMM). It enumerates things to do or not to [ link;
http://www.osstmm.org or http://www.isecom.org ]
Also, guys from vulnerabilityassessment.co.uk has a very good checklist
(called Pre Site Inspection Checklist)
http://www.vulnerabilityassessment.co.uk/Presite%20Inspection.html
Hope this helps you out.
Security-Database.com Team
> I am chartered with having a connection pen-tested. I'm trying to
> determine the requirements for a statement of work for outsourcing.
>
> The objective of the pen-test is to validate technical controls that
> prevent unauthorized access to and from our network.
>
> Does anyone have a standard SOW for this type of testing?
>
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
>
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> ------------------------------------------------------------------------
>
>
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:33 EDT