Re: Re: Penetration test report - your comments please?

From: scott (redhowlingwolves@bellsouth.net)
Date: Mon Jul 30 2007 - 00:32:21 EDT


This is sad state of management.Kind of like a restaurant knowing when
the health inspectors are coming.Sad,but it happens.This is when the
tester *must* shine!!!~

Regards,
   Scott

Steve Chapin wrote:
>> What approach do most people here take? Generally, because the
>> client will depend on you to organize the testing, the choice is
>> *usually* yours. What do you think is the best method?
>>
>
> We always ask that our activities be known by the minimum number of
> people (usually the CEO and Chief Security Officer of the client).
> If the front-line people know that there is a test underway, they
> will behave differently.
>
> sc
> --
> == Steve J. Chapin, President ==
> == RedTeam Consulting Company, LLC ==
> == chapin@ecs.syr.edu ==
>
>

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:59 EDT