Security Basics mailing list archives
Re: PenTest Checklist
From: Alessandro <a.bottonelli () infinito it>
Date: Thu, 8 Jan 2004 17:41:20 +0100
On Tuesday 06 January 2004 17:07, you wrote:
Here's a quick summary here from various sources for your review... B - Goals recognize best practices recognize business risks privacy issues both internal and external
I don't see (but that could be just me) anything in your checklist that can lead to recognizing business risks and privacy issues. If Risk = Vulnerabilities x Threats x Damage then a pen-test does a great job in measuring Vulnerabilities. I need other kind of assessments to measure the other two factors in the formula. My 2 Eurocents :-) worth... -- Alessandro Bottonelli www.axis-net.it --------------------------------------------------------------------------- Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any course! All of our class sizes are guaranteed to be 10 students or less. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! ----------------------------------------------------------------------------
Current thread:
- PenTest Checklist J. Yoon (Jan 06)
- Re: PenTest Checklist Alessandro (Jan 08)