Re: Pen testing a off-site web server

[chapin () ecs syr edu (Steve Chapin)]

> You are providing security awareness and potential increasing the
> company's security, but should you be doing it for free?  We haven't
> really come up with a solution to the dilemma.  How have others
> addressed this?

Our contract states that the report is our property, that a copy is
provided to the client for their use, and may not be disclosed to any
third party without our express permission.

sc
--
== Steve J. Chapin, President         ==
== RedTeam Consulting Company, LLC    ==
== sjc () twcny rr com                   ==