Re: Penetration Test Vendors

[Chris Fenton <Chrisf () apcon com>]

Metasploit / Rapid7 (open source)

BreakingPoint Systems (commercial)

Sent from my mobile device...

Chris

On Jun 22, 2010, at 4:28 PM, "Scott Berkman" <scott () sberkman net> wrote:

> If I wanted someone to do this, I'd probably look at a security vendor
> instead of a general purpose consulting firm.
>
> Some examples off the top of my head might include IBM's ISS and
> SecureWorks.
>
>    -Scott
>
> -----Original Message-----
> From: Ken Gilmour [mailto:ken.gilmour () gmail com]
> Sent: Tuesday, June 22, 2010 4:58 PM
> To: George Bonser
> Cc: nanog () nanog org
> Subject: Re: Penetration Test Vendors
>
> Depends on where you are... I've used Sysnet in Europe  
> (www.sysnet.ie) and
> they are excellent. We used Deloitte (
> http://www.deloitte.com/view/en_GX/global/services/enterprise-risk-services/
> security-privacy-resiliency/pcidss/index.htm)
> in non-european countries, with not such a good result (but other  
> people may
> have different experiences).
>
> Regards,
>
> Ken
>
> On 22 June 2010 14:48, George Bonser <gbonser () seven com> wrote:
>
> > Anyone have any suggestions for a decent vendor that provides network
> > penetration testing? We have a customer requirement for a third party
> > test for a certain facility. Have you used anyone that you thought  
> > did a
> > great job?  Anyone you would suggest avoiding?
> >
> > Replies can be sent off list and I will summarize any feedback I  
> > might
> > get from the community if anyone is interested.
> >
> > George