Educause Security Discussion mailing list archives
Re: Penetration Testing Software
From: David Grisham <DGrisham () SALUD UNM EDU>
Date: Tue, 10 Mar 2009 09:23:09 -0600
UNM main campus, the UNM Health Science Center and UNM Hospitals have used TrustCC for penetration, baseline assessments and focused systems testing very successfully. TrustCC.com Cheers --grish David D. Grisham, Ph.D., CISM, CHSP Manager, IT Security, UNM Hospitals, IT Division 1650 University Blvd, S.500, Albuquerque, NM 87102 Ph: (505) 272-5657 FAX 272-6923 Work email: dgrisham () salud unm edu Adjunct Faculty, Computer Science, UNM Academic & personal email: dave () unm edu>>> "Axworthy, Heather" <haxworthy () UMASSP EDU> 3/10/2009 7:36 AM >>> Hi James, I have used several outside vendors for this work and the best I have seen are the folks at InGuardians. http://www.inguardians.com. The firm's founders are Mike Poor, Jay Beale and Tom Liston of SANS. At my previous two employers, neither had ever performed penetration testing. In that case, it is better to get an outside vendor to come in and perform a full test (external "black box", external trusted, and internal.) This will help you get a better picture of your vulnerabilities. Then once you do that, you can explore purchasing a product like Core Impact, if you have the dedicated staff for it. Hope that helps. Thanks, Heather From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of James R. Pardonek Sent: Monday, March 09, 2009 5:24 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Penetration Testing Software We are looking at penetration testing, either by a third party or by using purchased software in-house. I was curious what others were doing, some costs and issues. Thanks, James R. Pardonek, CISSP Senior Network Administrator Network Infrastructure Management and Maintenance Computing Technology and Information Services Purdue University Calumet Hammond, Indiana
Current thread:
- Penetration Testing Software James R. Pardonek (Mar 09)
- <Possible follow-ups>
- Re: Penetration Testing Software Daniel Bennett (Mar 10)
- Re: Penetration Testing Software Karen Stopford (Mar 10)
- Re: Penetration Testing Software Joel Rosenblatt (Mar 10)
- Re: Penetration Testing Software Axworthy, Heather (Mar 10)
- Re: Penetration Testing Software Jay Tumas (Mar 10)
- Re: Penetration Testing Software Rue, Brian R. (Mar 10)
- Re: Penetration Testing Software King, Ronald A. (Mar 10)
- Re: Penetration Testing Software David Grisham (Mar 10)
- Re: Penetration Testing Software Curt Wilson (Mar 11)
- Re: Penetration Testing Software randy marchany (Mar 11)
- Re: Penetration Testing Software Christopher Jones (Mar 11)