|
Penetration Testing
mailing list archives
RE: Sizing Pentest
From: "Anup Singh" <anup () ealcatraz com>
Date: Fri, 29 Jun 2001 13:37:47 +0530
I think The pentest for a financial institution should conform to SAS 70
document for financial information security. Go thro the document.. you
should have a fair enuff idea..
regards
-----Original Message-----
From: Leonardo Loro [mailto:leoloro () microsoft com]
Sent: Thursday, June 28, 2001 11:19 AM
To: Penetration Testing (E-mail)
Subject: Sizing Pentest
Hi all,
Which keypoints should be taken in account when sizing a pen test (for a
financial institution that wants to check the vulnerabilities of their
intranet systems vulnerability). Should it be charged x hour? X server?
X Deliverables?
Basically, they have 10 Sun 450e and 10 W2k servers on their intranet,
and a PIX in to work as a FW in front of them.
Thx,
Leo
----------------------------------------------------------------------------
----------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service
For more information on SecurityFocus' SIA service which automatically
alerts you to
the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
<<attachment: winmail.dat>> --------------------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service
For more information on SecurityFocus' SIA service which automatically alerts you to
the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
 By Date 
By Thread
Current thread:
- Sizing Pentest Leonardo Loro (Jun 28)
- RE: Sizing Pentest Anup Singh (Jun 29)
| 
Intro
