Penetration Testing mailing list archives
Re: Pentest Letter of Achievement/Certificate
From: Tim <pand0ra.usa () gmail com>
Date: Sat, 16 Jul 2005 00:07:02 -0600
NIST has guidance on doing C&A (Certification & Accredation). The NIST Special Publication 800-18 or the soon to be 800-53 are some good documents to look at. http://csrc.nist.gov/publications/nistpubs/index.html http://www.nist.gov On 7/12/05, blowfish 448 <blowfish448 () hotmail com> wrote:
Hi, any of you know if any 'standards' or accepted guidelines exist for a letter or certification of succesfull resistance to Penetration Testing/Vulnerability Assessment. Customers often demand to have a proof delivered by their Penetration Test service provider to show to their partners and customers. The idea of course is not to disclose sensitive information but to briefly describe the environment tested and how - according to which methodologies and the attack vectors tested for. Thanks in advance
-- Tim Van Cleave, CISSP, NSA IAM, CXE AIM - pand0rausa MSN - m0rt15 Yahoo - pand0ra_usa
Current thread:
- Re: Pentest Letter of Achievement/Certificate, (continued)
- Re: Pentest Letter of Achievement/Certificate blowfish 448 (Jul 13)
- Re: Pentest Letter of Achievement/Certificate Tom Van de Wiele (Jul 13)
- Re: Pentest Letter of Achievement/Certificate Travis Good (Jul 13)
- Re: Pentest Letter of Achievement/Certificate John Kinsella (Jul 14)
- RE: Pentest Letter of Achievement/Certificate Paul Fields (Jul 14)
- Re: Pentest Letter of Achievement/Certificate Mike Klingler (Jul 15)
- RE: Pentest Letter of Achievement/Certificate Lyal Collins (Jul 15)
- Re: Pentest Letter of Achievement/Certificate blowfish 448 (Jul 13)
- Re: Pentest Letter of Achievement/Certificate Matthew J. Harmon (Jul 14)
- Re: Pentest Letter of Achievement/Certificate Mark Teicher (Jul 13)
- Re: Pentest Letter of Achievement/Certificate Michael Sierchio (Jul 13)