Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Penetration Testing : A Third Party Hacker.
From: Stack Smasher <stacksmasher () gmail com>
Date: Tue, 10 Jan 2006 08:26:45 -0500

Any system is only as good as the person who built it. I am a firm
believer in bringing in 3rd parties to pen test. I have too often seen
someone in a position due to who they know and not what they know.
When you bring in that third party who is a professional pen tester
you find gaps in an administrators knowledge.




On 1/9/06, 6ackpace <6ackpace () gmail com> wrote:
Hi All,

I have read an artical on SANS website.I have some questions unanswered.


External Penetration Testing conducted by third party.

How efficient it is?After all he will go through all the step of penetration
testing (internal PT).
How safe is integrity of Organization information for which PT is performed?
Difference between External and Internal PT'ers.

             External-Internal = Approach+Skill
Levels+Commitment+Trustworthiness.

Thank You,
6ackpace

_______________________________________________
Full-Disclosure - We believe in it.
Charter:
http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




--
"If you see me laughing, you better have backups"
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault