[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Penetration Testing : A Third Party Hacker.



Any system is only as good as the person who built it. I am a firm
believer in bringing in 3rd parties to pen test. I have too often seen
someone in a position due to who they know and not what they know.
When you bring in that third party who is a professional pen tester
you find gaps in an administrators knowledge.




On 1/9/06, 6ackpace <6ackpace@xxxxxxxxx> wrote:
> Hi All,
>
> I have read an artical on SANS website.I have some questions unanswered.
>
>
> External Penetration Testing conducted by third party.
>
> How efficient it is?After all he will go through all the step of penetration
> testing (internal PT).
> How safe is integrity of Organization information for which PT is performed?
> Difference between External and Internal PT'ers.
>
>              External-Internal = Approach+Skill
> Levels+Commitment+Trustworthiness.
>
> Thank You,
> 6ackpace
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
> http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>


--
"If you see me laughing, you better have backups"
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/