Penetration Testing mailing list archives
Re: Bank Assessment
From: "lists" <lists () securitydocs com>
Date: Thu, 22 Apr 2004 23:32:39 -0400
You may also find the following documents of use: Gramm-Leach-Bliley Act Title V Complexities and Compliancy for the Community Banking Sector http://www.securitydocs.com/thread/1277 Unique Characteristics of Ecommerce Technologies and their Effects upon Payment Systems http://www.securitydocs.com/thread/1291 ----- Original Message ----- From: "Ivan Arce" <ivan.arce () coresecurity com> To: <pen-test () securityfocus com> Sent: Wednesday, April 21, 2004 4:29 PM Subject: Re: Bank Assessment
In addition to FFIEC guidelines you might find some NIST documents
usefull:
SP800-26 "Security Self-Assessment Guide for Inforamtion Technology
Systems"
http://csrc.nist.gov/publications/nistpubs/800-26/sp800-26.pdf and SP800-42 "Guideline on Network Security Testing" http://csrc.nist.gov/publications/nistpubs/800-42/NIST-SP800-42.pdf -ivan Blake Wiedman wrote:You can find the answers to most of your questions including guidelines here http://www.ffiec.gov/ My employer uses the guidelines as the basis for all of our banking clients. Blake Wiedman Security Technician Icons Inc. www.iconsinc.com 732.309.6038 -----Original Message----- From: Joe Smith [mailto:joey () r00t66 com] Sent: Monday, April 19, 2004 2:40 PM To: pen-test () securityfocus com Subject: Bank Assessment I'm looking for any good links with regard to Banking Institutions.. Security assessments, pen-testing, special needs etc. I know they are big on policies and procedures. ------------------------------------------------------------------------ ------ Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------ ---------------------------------------------------------------------------------
----
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off
any course! All of our class sizes are guaranteed to be 10 students or
less
to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of
in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html--------------------------------------------------------------------------
-----
-- --- To strive, to seek, to find, and not to yield. - Alfred, Lord Tennyson Ulysses,1842 Ivan Arce CTO CORE SECURITY TECHNOLOGIES 46 Farnsworth Street Boston, MA 02210 Ph: 617-399-6980 Fax: 617-399-6987 ivan.arce () coresecurity com www.coresecurity.com PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836 B25D 207B E78E 2AD1 F65A --------------------------------------------------------------------------
----
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or
less
to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html --------------------------------------------------------------------------
-----
------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- Bank Assessment Joe Smith (Apr 19)
- Re: Bank Assessment Max (Apr 21)
- RE: Bank Assessment Blake Wiedman (Apr 21)
- Re: Bank Assessment Ivan Arce (Apr 22)
- Re: Bank Assessment lists (Apr 23)
- RE: Bank Assessment c0d3r (Apr 22)
- RE: Bank Assessment Amit Deshmukh (Apr 23)
- RE: Bank Assessment Chuck Herrin (Apr 23)
- Re: SME risk assessment (Was: Bank Assessment) fergus (Apr 24)
- RE: Bank Assessment Blake Wiedman (Apr 23)
- Re: Bank Assessment Ivan Arce (Apr 22)
- <Possible follow-ups>
- RE: Bank Assessment James Williams (Apr 23)