Re: [PEN-TEST] Contract/disclaimer for penetration testers

[Jeff Deitz <JeffD () VSP COM>]

> I have a 100% penetration rate and the vast majority of my business is
> word of mouth.  Your attempt to slander my company is unreasonable and
> unfounded.

Sorry didn't mean you to take it as slander.

First, "Word of month" I have found is best way to find a good company
and/or people and those are the  companies and people I usually hire and
trust. I am sure you are great at what you do and it took me a minute to
realize that MaxVision runs WhiteHats.com, which is not clear on the
MaxVision Website. My mistake on that and I love the WhiteHats.com website.
I even subscribe to your mail list. This increased my opinion of you and
your company, but did not change my opinion of the content on your MaxVision
website advertising as a penetration testing website.

Again, my opinion is that any one out there looking for security consulting
I would advise against hiring anyone unknown to you from a website that does
not have full contact information. This means a valid mailing address (I
don't consider PO Box valid) and phone number. Would you hire someone to
come test the security of your home without this information? Also make sure
there is a privacy statement on any website you visit and if there is not
give out no personal information.

Jeff Deitz
Senior Systems Architect