Home page logo

educause logo Educause Security Discussion mailing list archives

Re: Penetration Testing
From: Willis Marti <wmarti () TAMU EDU>
Date: Wed, 19 Dec 2012 08:58:44 -0600

Do you actually mean "penetration testing" or do you really
want a vulnerability assessment? Or just an external vulnerability scan?
LOTS of folk will do a Nessus-like scan, possibly rating the vulnerabilities
high/medium/low, but very few will go further and say "your security
status is passing/failing".
 I don't think "zero defects" is reasonable for higher ed; we're not a bank or
military facility. Our job is to distribute information.
So what do you really want?

----- Original Message -----

Does anyone have any recommendations for companies that do
penetration testing? We are considering bringing in an outside company to do
penetration testing on Lehigh's systems and network and would like someone with
experience in the higher ed domain. Reply here or off-line if you prefer.

Willis Marti
Director and CISO
Networking and Information Security
Texas A&M University

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]