Re: 3rd party vuln assesment firms

[InfoSecBOFH <infosecbofh () gmail com>]

I love it when vendors make claims such as this;

"A Hacker's Eye View of Your Network"

and even better;

"We use the same tools hackers bring to bear against your systems.
However, instead of exploiting those vulnerabilities, we compile
vulnerability results with easy to understand explanations and links
to the needed patches and updates, and then deliver the reports to
your desktop on a regular basis. "

So in other words they run NMap and/or Nessus.

Yup... h4x0rs eye view.  ROFL.

On 12/27/05, Michael Weber <mweber () alliednational com> wrote:
> Happy New Year!
>
> I have been using both the internal and external vuln. assessment
> products from NetChecker.  They use an array of standard tools, along
> with some custom code and human analysis.  I like the product, the
> price, and the results.
>
> www.netchecker.net is their web site.
>
> -Michael
>
> > > > <rklemaster () hotmail com> 12/23 11:27 AM >>>
> I'm looking for a firm to conduct annual 3rd party vulnerability
> assesments for a nationwide carrier ISP. If anyone has any references or
> stories to share, I'd like to hear about them.
> thanks!
>
>
>
>
> E-MAIL CONFIDENTIALITY NOTICE: This communication and any associated
> file(s) may contain privileged, confidential or proprietary
> information or be protected from disclosure under law ("Confidential
> Information").  Any use or disclosure of this Confidential Information,
> or taking any action in reliance thereon, by any individual/entity
> other than the intended recipient(s) is strictly prohibited.  This
> Confidential Information is intended solely for the use of the
> individual(s) addressed. If you are not an intended recipient, you
> have received this Confidential Information in error and have an
> obligation to promptly inform the sender and permanently destroy,
> in its entirety, this Confidential Information (and all copies
> thereof).  E-mail is handled in the strictest of confidence by
> Allied National, however, unless sent encrypted, it is not a secure
> communication method and may have been intercepted, edited or
> altered during transmission and therefore is not guaranteed.
>
>
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------