mailing list archives
RE: Security and penetration review
From: "Sadler, Connie" <Connie_Sadler () Brown edu>
Date: Fri, 10 Jun 2005 11:59:25 -0400
Dallas, if you don't find something, just write things down. The format and flow can be done by someone else. It's
important that you capture the positives as well as the negatives, and that can be done with a voice recorder, bullets
on a paper towel, etc. Technical people don't always have to know how to write (although it helps). They do need to
know someone who can. ;-) Partnering on these things can be very beneficial, if that's an option that is open to you.
Just my two cents...
Connie J. Sadler, CM, CISSP, CISM, GIAC GSLC
Director, IT Security, Brown University
Box 1885, Providence, RI 02912
Connie_Sadler () Brown edu
PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB
PGP Fingerprint: DA5F ED84 06D7 1635 4BC7 560D 9A07 80BA 91E3 8EFB
From: Hindle, Dallas [mailto:Dallas.Hindle () bakersdelight com au]
Sent: Thursday, June 09, 2005 6:40 PM
To: security-basics () securityfocus com
Subject: Security and penetration review
I have been asked to review the security of a company, doing the actual
security review isn't a problem, however the documentation is a problem,
I'm a geek and doco isn't my strong point, the company wants the review
fully documented and presented to some of the I.S. big wigs.
Does anyone have and links to security review templates or have any
reviews they would mind sending my way?
Infrastructure Team Leader
Bakers Delight Holdings Limited.
Suite 1, Level 1
293 Camberwell Road
Camberwell, Victoria, 3124
p. +61 3 9811 6183
m. 0413 707 451
f. +61 3 9811 6100
e. Dallas.Hindle () BakersDelight com au
Message protected by MailGuard: e-mail anti-virus, anti-spam and content filtering.