| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue Jan 10 13:26:56 2006 From: stacksmasher at gmail.com (Stack Smasher) Subject: Penetration Testing : A Third Party Hacker. Any system is only as good as the person who built it. I am a firm believer in bringing in 3rd parties to pen test. I have too often seen someone in a position due to who they know and not what they know. When you bring in that third party who is a professional pen tester you find gaps in an administrators knowledge. On 1/9/06, 6ackpace <6ackpace@...il.com> wrote: > Hi All, > > I have read an artical on SANS website.I have some questions unanswered. > > > External Penetration Testing conducted by third party. > > How efficient it is?After all he will go through all the step of penetration > testing (internal PT). > How safe is integrity of Organization information for which PT is performed? > Difference between External and Internal PT'ers. > > External-Internal = Approach+Skill > Levels+Commitment+Trustworthiness. > > Thank You, > 6ackpace > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: > http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > -- "If you see me laughing, you better have backups"
Powered by blists - more mailing lists