nanog mailing list archives

RE: Penetration Test Vendors

From: "Scott Berkman" <scott () sberkman net>
Date: Tue, 22 Jun 2010 19:27:43 -0400

If I wanted someone to do this, I'd probably look at a security vendor
instead of a general purpose consulting firm.

Some examples off the top of my head might include IBM's ISS and
SecureWorks.

        -Scott

-----Original Message-----
From: Ken Gilmour [mailto:ken.gilmour () gmail com] 
Sent: Tuesday, June 22, 2010 4:58 PM
To: George Bonser
Cc: nanog () nanog org
Subject: Re: Penetration Test Vendors

Depends on where you are... I've used Sysnet in Europe (www.sysnet.ie) and
they are excellent. We used Deloitte (
http://www.deloitte.com/view/en_GX/global/services/enterprise-risk-services/
security-privacy-resiliency/pcidss/index.htm)
in non-european countries, with not such a good result (but other people may
have different experiences).

Regards,

Ken

On 22 June 2010 14:48, George Bonser <gbonser () seven com> wrote:

Anyone have any suggestions for a decent vendor that provides network
penetration testing? We have a customer requirement for a third party
test for a certain facility. Have you used anyone that you thought did a
great job?  Anyone you would suggest avoiding?

Replies can be sent off list and I will summarize any feedback I might
get from the community if anyone is interested.

George

Current thread:

RE: Penetration Test Vendors Scott Berkman (Jun 22)
- Re: Penetration Test Vendors Chris Fenton (Jun 22)
- RE: Penetration Test Vendors Chris Gravell (Jun 24)
  - RE: Penetration Test Vendors suess13 (Jun 26)
- <Possible follow-ups>
- RE: Penetration Test Vendors Dante Martins (Jun 22)
- Re: Penetration Test Vendors Martin Hannigan (Jun 23)
- RE: Penetration Test Vendors Delgado,Rodolfo (Jun 23)
- Re: Penetration Test Vendors Laurens Vets (Jun 23)
- Penetration test vendors George Bonser (Jun 28)