RE: Blue Team ROE

["Dave Sanford" <dsanford () austin rr com>]

Yea - a professional knows when to walk away - after thanking
the client for the opportunity, explaining why doing the job
would not be in your/your companies interest, and explaining
the terms under which you would be happy to do the work.

Dave

"Oh would some power the giftie gie us, to
see ourselves as others see us." Robert Burns
> -----Original Message-----
> From: listbounce () securityfocus com 
> [mailto:listbounce () securityfocus com] On Behalf Of krymson () gmail com
> Sent: Tuesday, March 06, 2007 2:53 PM
> To: pen-test () securityfocus com
> Subject: RE: Blue Team ROE
>
> It is not always about being a professional either. For 
> instance, is the engagement going to be risky for your own 
> company image? Let's say your company is given this 
> assignment by AgencyX and AgencyX has a very high profile 
> incident. AgencyX and/or the media will likely drag your name 
> into the issue because you gave them a clean bill of health 
> with an asterisk after it explaining that some constraints 
> were made...
>
> Just the act of saying "Secure...but with huge glaring holes" 
> may be too much risk for you.
>
> --------------------------------------------------------------
> ----------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
>
> http://www.cenzic.com/products_services/download_hailstorm.php
> ?camp=701600000008bOW
> --------------------------------------------------------------
> ----------


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------