Home page logo

pen-test logo Penetration Testing mailing list archives

Re: JIRA Pentest
From: Bog Witch <iambogwitch () gmail com>
Date: Tue, 18 Oct 2011 22:05:50 +0100


Sorry, I think you misunderstood. I am looking for a company (or
contractor) that has recent, specific experience of testing a JIRA
installation for a potential short-term contract for a friend of mine.
I appreciate that I could DL and install or even mirror the
installation but he is hoping to have a professional test done rather
than the 'enthusiastic amateur' test that I would perform as I do not
have experience of JIRA specifically.



On Tue, Oct 18, 2011 at 8:54 PM,  <securityfocus () rawchaos com> wrote:
The free version of Jira (I believe it's a 30 day trial) is exactly the same as the commerical product.  The only 
difference between all of the download pay versions is how many user licenses you are allowed (so the $10 version 
would be just as good if you need more than 30 days).

The hosted (managed) versions of Jira will probably be different, but I doubt that is what you are looking to do 
research on.

Aside from that it's a pretty standard Tomcat application.


On Tue, Oct 18, 2011 at 04:28:34PM +0100, Bog Witch wrote:

Is there anyone on this list with commercial JIRA pentest exposure?

Please email responses directly.



This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]