Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: My Frustrations Step Two
From: Matt <matt () mrssecurity com>
Date: Thu, 18 Dec 2008 21:02:22 +0000

Adriel T. Desautels wrote:


So it appears to me that the solution to this problem is to provide the customer with ammunition so that they can quickly shoot down the fraudulent security experts and properly identify the real ones. There are different services, different classifications of service, different threat levels, etc. If our customers knew how to identify what they needed, they could use that to choose a good provider with much more success. But thats the real problem isn't it? Our customers aren't security experts and as a result they don't know what they need...

So, what questions can we arm our customers with so that they can weed out the Frauds?


Adriel T. Desautels
ad_lists () netragard com

Having managed to advoid the 24 TV show for a number of years i have been forced to start watching it as i was bored. So far, 8 episodes in i am rather enjoying it.

However, this thread caught my eye while googling Kim Bauer.

There are a number of courses and exams out there that attempt to guage a persons penetration testing skills for example in the UK the CHECK, TIGER and CREST schemes. No easy feat in themselves to pass.

We have attempted in the UK to educate customers that using pen companies with links into these exams and having employees that have passed these schemes is a good thing rather than the one man show.

I think educating a customer to look at previous work that you have done, and customer references is the way to go.

Customers tend to go with other customer recommendations.

At the end of the day everyone on here is effectively competing against each other for work and i am afraid in this day and age its starting to come down to price and the promise that it will be delivered.

BUT... its nice to see some of the big names are popping up in this list/thread.

I'm going back to 24 now..





------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]