Penetration Testing: Re: Get out of jail cards (Statement of work authorizing access, was Re: Pentester convicted..)

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Penetration Testing mailing list archives

Re: Get out of jail cards (Statement of work authorizing access, was Re: Pentester convicted..)

From: Dana <dmorrow5 () satx rr com>
Date: Fri, 12 May 2006 11:35:30 -0500

Michael Sierchio wrote:

I'd be very much interested in whether there is a consensus
document used by those performing vulnerability assessments
that specifically authorizes pen testing which is sufficiently
robust to protect the consultant from civil and criminal
action.

Would anyone care to share, comment, etc.?  Thanks in advance.

- Michael
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security? Why not go with the #1solution - Cenzic, the only one to win the Analyst's Choice Award fromeWeek. As attacks through web applications continue to rise, you needto proactively protect your applications from hackers. Cenzic has themost comprehensive solutions to meet your application securitypenetration testing and vulnerability management needs. You have anoption to go with a managed service (Cenzic ClickToSecure) or anenterprise software (Cenzic Hailstorm). Download FREE whitepaper onhow a managed service can help you:http://www.cenzic.com/news_events/wpappsec.php And, now for a limitedtime we can do a FREE audit for you to confirm your results from otherproduct. Contact us at request () cenzic com for details.------------------------------------------------------------------------------

http://www.professionalsecuritytesters.org/

Dana Morrow

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?Why not go with the #1 solution - Cenzic, the only one to win the Analyst'sChoice Award from eWeek. As attacks through web applications continue to rise,you need to proactively protect your applications from hackers. Cenzic has themost comprehensive solutions to meet your application security penetrationtesting and vulnerability management needs. You have an option to go with amanaged service (Cenzic ClickToSecure) or an enterprise software(Cenzic Hailstorm). Download FREE whitepaper on how a managed service canhelp you: http://www.cenzic.com/news_events/wpappsec.phpAnd, now for a limited time we can do a FREE audit for you to confirm yourresults from other product. Contact us at request () cenzic com for details.

------------------------------------------------------------------------------

By Date By Thread

Current thread:

Re: Pentester convicted.., (continued)
- Re: Pentester convicted.. Jason Ross (May 11)
- Re: Pentester convicted.. John Kinsella (May 11)
- RE: Pentester convicted.. Sahir Hidayatullah (May 11)
  - Get out of jail cards (Statement of work authorizing access, was Re: Pentester convicted..) Michael Sierchio (May 12)
    - Re: Get out of jail cards (Statement of work authorizing access, was Re: Pentester convicted..) Dana (May 12)
    - Re: Get out of jail cards (Statement of work authorizing access, was Re: Pentester convicted..) Jeremiah Cornelius (May 12)
    - Re: Get out of jail cards (Statement of work authorizing access, was Re: Pentester convicted..) Dotzero (May 12)
    - Re: Get out of jail cards (Statement of work authorizing access, was Re: Pentester convicted..) Paul Asadoorian (May 12)
    - RE: Get out of jail cards (Statement of work authorizing access, was Re: Pentester convicted..) Clement Dupuis (May 12)
- Re: Pentester convicted.. bofn (May 11)