Penetration Testing mailing list archives
Re: [PEN-TEST] Contract/disclaimer for penetration testers
From: Steve Goldsby <sgoldsby () INTEGRATE-U COM>
Date: Mon, 15 Jan 2001 15:28:40 -0600
Er. We use something significantly more in depth than this. We have a reasonably fair hold harmless agreement, and a lengthy statement of work (SOW). THe contract just says "you agree to pay on time. period.". THe SOW has the real meat, responsibilities of both parties, etc. Be safe. Have a law firm draft your material. You'll be glad you did. Steve Goldsby, CEO Integrated Computer Solutions, Inc. www.integrate-u.com -----Original Message----- From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM]On Behalf Of John Martin Sent: Saturday, January 13, 2001 12:27 PM To: PEN-TEST () SECURITYFOCUS COM Subject: Re: [PEN-TEST] Contract/disclaimer for penetration testers Hi Try www.maxvision.net/ This question also raises issues about the forthcoming RIP law in UK, which comes into force in June 2001. Does this law affect existing authorisation/liability contracts, when conducting Penetration testing, particularly externally via an ISP? If so, how can we protect ourselves? What needs to be changed in existing contracts? -----Original Message----- From: Allan Pratt [mailto:allan_pratt () HOTMAIL COM] Sent: 12 January 2001 18:41 To: PEN-TEST () SECURITYFOCUS COM Subject: [PEN-TEST] Contract/disclaimer for penetration testers Hi, I recollect seeing a few months ago on this list a URL that was posted for a contract that a penetration testing company had their clients sign. The contract stated what the penetration testers would do and what other issues that come up in the process of performing a penetration test. This included a liability waiver. I can't find that posting. Does anyone recollect this URL or a similar document I can download? Thanks, Allan _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com
Attachment:
Stephen S Goldsby.vcf
Description:
Current thread:
- Re: [PEN-TEST] Contract/disclaimer for penetration testers John Martin (Jan 15)
- Re: [PEN-TEST] Contract/disclaimer for penetration testers Steve Goldsby (Jan 15)
- <Possible follow-ups>
- Re: [PEN-TEST] Contract/disclaimer for penetration testers Jeff Deitz (Jan 15)
- Re: [PEN-TEST] Contract/disclaimer for penetration testers Max Vision (Jan 15)
- Re: [PEN-TEST] Contract/disclaimer for penetration testers Jeff Deitz (Jan 16)