Penetration Testing mailing list archives
Re: [PEN-TEST] Penetration Testing Ethic
From: "Teicher, Mark" <mark.teicher () NETWORKICE COM>
Date: Wed, 13 Sep 2000 14:35:28 -0700
OK, A penetration or security audit is usually a security organization's foot in the door. It is in their best interest to point out the glaring holes but also to assist the organization in fixing their network and address any policy/procedure issues that need to be addressed. There is an ethical issue on how to successfully conduct a penetration test without hurting the organization during the process. /mark At 05:52 PM 9/13/00 +0100, Mathew Bevan wrote:
This follows on from the pen testing cost thread, Alexander Sarris raised the point about being sold repairs multiple times.. I have always had a problem with companies that not only perform the security audit and make recommendations but perform the fixes as well... Is it not in their interest to leave a few holes here and there so that their report doesnt look so bare when they come back for repeat testing.. Obviously this is and ethical issue and something I feel shouldnt happen, this operating on both sides of the fence situation.. What does everyone else feel about this? Mathew Bevan aka Kuji (RL 1994)
Current thread:
- Re: [PEN-TEST] Cost of Penetration Testing, (continued)
- Re: [PEN-TEST] Cost of Penetration Testing Teicher, Mark (Sep 12)
- Re: [PEN-TEST] Cost of Penetration Testing Christopher M. Bergeron (Sep 12)
- Re: [PEN-TEST] Cost of Penetration Testing Deri Jones (Sep 12)
- Re: [PEN-TEST] Cost of Penetration Testing Alfred Huger (Sep 12)
- Re: [PEN-TEST] Cost of Penetration Testing Oliver Petruzel (Sep 12)
- Re: [PEN-TEST] Cost of Penetration Testing Jim Miller (Sep 12)
- Re: [PEN-TEST] Cost of Penetration Testing Alexander Sarras (SEA) (Sep 13)
- [PEN-TEST] Penetration Testing Ethic Mathew Bevan (Sep 13)
- Re: [PEN-TEST] Penetration Testing Ethic Bennett Todd (Sep 13)
- Re: [PEN-TEST] Penetration Testing Ethic edison (Sep 13)
- Re: [PEN-TEST] Penetration Testing Ethic Teicher, Mark (Sep 13)
- [PEN-TEST] Penetration Testing Ethic Mathew Bevan (Sep 13)