Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: Blue Team ROE
From: "Dave Sanford" <dsanford () austin rr com>
Date: Tue, 6 Mar 2007 21:46:40 -0600

Yea - a professional knows when to walk away - after thanking
the client for the opportunity, explaining why doing the job
would not be in your/your companies interest, and explaining
the terms under which you would be happy to do the work.

Dave

"Oh would some power the giftie gie us, to
see ourselves as others see us." Robert Burns
-----Original Message-----
From: listbounce () securityfocus com 
[mailto:listbounce () securityfocus com] On Behalf Of krymson () gmail com
Sent: Tuesday, March 06, 2007 2:53 PM
To: pen-test () securityfocus com
Subject: RE: Blue Team ROE

It is not always about being a professional either. For 
instance, is the engagement going to be risky for your own 
company image? Let's say your company is given this 
assignment by AgencyX and AgencyX has a very high profile 
incident. AgencyX and/or the media will likely drag your name 
into the issue because you gave them a clean bill of health 
with an asterisk after it explaining that some constraints 
were made...

Just the act of saying "Secure...but with huge glaring holes" 
may be too much risk for you.

--------------------------------------------------------------
----------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php
?camp=701600000008bOW
--------------------------------------------------------------
----------



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault