Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Google Sacure

From: <whupass () hushmail com>
Date: Fri, 26 Oct 2007 17:54:06 -0400
The truth about Sacure is that they have little to no capabilities 
or talent what so ever. Their website has been malfunctioning since 
well before August 2007 and they never caught it.  Why would anyone 
hire a “Managed Security” company that can’t detect issues in their 
own network? How the hell are they going to detect issues in yours?

Reference:

http://lists.grok.org.uk/pipermail/full-disclosure/2007-
October/067050.html 

Furthermore, Sacure has a broken customer portal. How would a 
“leader” in “Managed Security Services” not notice that their 
customer portal was broken? When you try to login to the portal you 
get an error that shows “Query failed : Table 
‘sacure123.assessment’ doesn’t exist”. The obvious comes to mind; 
Sacure must not have any customers that use their “Managed Security 
Service”… so… how are they a leader again?

In addition Sacure also claims that they are “Professional Security 
Service” experts. This is obviously bullshit. When you read through 
the materials on their website you find things like references to 
XSS (“Cross-Site Shipping”). What the fuck is that? Are they going 
to send UPS to assess your network? Last time I checked XSS was 
Cross-Site Scripting.

Reference:

http://lists.grok.org.uk/pipermail/full-disclosure/2007-
October/067065.html

I wish that people in the security community would take the time to 
expose the “fake” security companies like Sacure for what they 
really are. This would help innocent buyers who do not know any 
better to avoid companies like Sacure. It would help them to avoid 
being ripped off. 

Sacure… it’s a fucking joke.


On Fri, 26 Oct 2007 00:27:34 -0400 scott 
<redhowlingwolves () bellsouth net> wrote:

First off,it's on GoDaddy (dot)com.That should be the first 
pointer.



Michael Bann wrote:

Maybe it's a joke. :-)

Fabrizio wrote:

Way too much info.

Let's map out some tables names now....

http://www.sacure.com/login_process.php

On 10/25/07, *Juha-Matti Laurio* <juha-matti.laurio () netti fi
<mailto:juha-matti.laurio () netti fi>> wrote:



http://www.sacure.com/news/home/sacure-to-offer-security-staffing-
and-consulting-services/


generates the same result as well.

- Juha-Matti

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
<http://lists.grok.org.uk/full-disclosure-charter.html>
Hosted and sponsored by Secunia - http://secunia.com/


----------------------------------------------------------------

--------


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: