Penetration Testing mailing list archives
Re: What is your policy on customers particapating in a pen test?
From: "Meritt James" <meritt_james () bah com>
Date: Tue, 19 Jun 2001 17:25:18 -0400
I have performed such with a representative present (but no touch). The better for at-the-time "Do you want me to...?" (I did ask, they said "NO!!!!!!!). There is a chance of them terminating your test prior to when YOU would, so watch the contractual conditions. Helps with the "Get out of jail free" if a rep is on hand... V/R Jim Joe Klein wrote:
All: I am hearing customers request ( and some times demand ) that they be part of a pen test. Currently, we offer the customer 4 - 8 hours of time to review findings and show them what we did, to access there systems. But we do this after the pen test is complete. I was wondering how other companies deal with this issue? J
-- James W. Meritt, CISSP, CISA Booz, Allen & Hamilton phone: (410) 684-6566
Current thread:
- Re: Blind IP spoofing portscan tool?, (continued)
- Re: Blind IP spoofing portscan tool? matheny (Jun 14)
- Re: Blind IP spoofing portscan tool? Jose Nazario (Jun 14)
- Re: Blind IP spoofing portscan tool? Enrique A. Sanchez Montellano (Jun 15)
- Re: Blind IP spoofing portscan tool? Jose Nazario (Jun 14)
- Re: Blind IP spoofing portscan tool? Enrique A. Sanchez Montellano (Jun 14)
- Re: Blind IP spoofing portscan tool? Chris Winter (Jun 14)
- RE: Blind IP spoofing portscan tool? Filipe Almeida (Jun 15)
- Re: Blind IP spoofing portscan tool? Alberto_Revelli (Jun 14)
- RE: Blind IP spoofing portscan tool? Yonatan Bokovza (Jun 14)
- RE: Blind IP spoofing portscan tool? thomas olofsson (Jun 18)
- What is your policy on customers particapating in a pen test? Joe Klein (Jun 19)
- Re: What is your policy on customers particapating in a pen test? Meritt James (Jun 19)
- RE: What is your policy on customers particapating in a pen test? Ken Pfeil (Jun 21)
- Re: What is your policy on customers particapating in a pen test? GBH (Jun 19)
- Re: What is your policy on customers particapating in a pen test? Jonathan Rickman (Jun 19)
- RE: What is your policy on customers participating in a pen test? Ken Halbeck (Jun 19)
- Re: What is your policy on customers particapating in a pen test? Vanja Hrustic (Jun 20)
- Re: What is your policy on customers particapating in a pen test? Jonathan Rickman (Jun 21)
- Re: What is your policy on customers particapating in a pen test? Vanja Hrustic (Jun 22)
- RE: What is your policy on customers particapating in a pen test? Bojan Zdrnja (Jun 25)
- What is your policy on customers particapating in a pen test? Joe Klein (Jun 19)
- Re: Blind IP spoofing portscan tool? matheny (Jun 14)
- RE: What is your policy on customers participating in a pen test? Dom De Vitto (Jun 21)
- Re: What is your policy on customers particapating in a pen test? Gary Warner (Jun 21)