mailing list archives
[PEN-TEST] Penetration Testing Ethic
From: Mathew Bevan <listhandler () NTLWORLD COM>
Date: Wed, 13 Sep 2000 17:52:51 +0100
This follows on from the pen testing cost thread, Alexander Sarris raised
the point about being sold repairs multiple times..
I have always had a problem with companies that not only perform the
security audit and make recommendations but perform the fixes as well... Is
it not in their interest to leave a few holes here and there so that their
report doesnt look so bare when they come back for repeat testing..
Obviously this is and ethical issue and something I feel shouldnt happen,
this operating on both sides of the fence situation..
What does everyone else feel about this?
Mathew Bevan aka Kuji (RL 1994)
- Re: [PEN-TEST] Cost of Penetration Testing, (continued)