Penetration Testing mailing list archives
[PEN-TEST] SAS70; the process and merit thereof?
From: Craig Anderson <craig () XTIME COM>
Date: Tue, 26 Sep 2000 15:31:58 +0000
Helu, This is a little off the subject of general penetration testing, but I think it still falls under the general awareness of the pen-testing crowd. Is anyone familiar with the process of attaining SAS70 certification ( Statements and Accounting Standards ) that is used to 'label' an infrastructure sufficiently secure to perform online financial transactions? More importantly, is this just another semi-worthless 'stamp' of approval, ala ICSA ( not to offend anyone.. my opinion though )? Also, has anyone been asked to verify the set of requirements this entails in addition to a penetration test? Thanks in advance, -- Craig
Current thread:
- [PEN-TEST] Load Balancing Servers Ian Edwards (Sep 25)
- Re: [PEN-TEST] Load Balancing Servers Blaise (Sep 25)
- [PEN-TEST] SAS70; the process and merit thereof? Craig Anderson (Sep 27)
- Re: [PEN-TEST] SAS70; the process and merit thereof? Tom Litney (Sep 27)
- Re: [PEN-TEST] SAS70; the process and merit thereof? Joe Calloway (Sep 27)
- [PEN-TEST] SAS70; the process and merit thereof? Craig Anderson (Sep 27)
- <Possible follow-ups>
- Re: [PEN-TEST] Load Balancing Servers Justin Schaefer (Sep 27)
- Re: [PEN-TEST] Load Balancing Servers Jens Knoell (Sep 27)
- Re: [PEN-TEST] Load Balancing Servers Justin Schaefer (Sep 27)
- Re: [PEN-TEST] Load Balancing Servers Gregor Binder (Sep 27)
- Re: [PEN-TEST] Load Balancing Servers Miller Scott Contr 30CS/FTI (Sep 27)
- Re: [PEN-TEST] Load Balancing Servers ollie-infosec (Sep 27)
- Re: [PEN-TEST] Load Balancing Servers Blaise (Sep 25)