Penetration Testing mailing list archives
RE: 3rd party vuln assesment firms
From: "Evans, Arian" <Arian.Evans () fishnetsecurity com>
Date: Thu, 5 Jan 2006 15:18:16 -0600
Hola Michael, Is "Netchecker" short for "Michael Webber"? It appears that: alliednational.com->webersemail.com->netchecker.net I am all for people letting us know about their services, but subterfuge breeds a little suspicion in my book. I have to agree with you on one point: it is important for a firm to know if they "are open to deadly worms or hackers". However, I am unsure how self-assessment gels with GLBA and SOX requirements. hmmm. btw// I used an array of standard tools along with some custom code and human analysis above. oh and I read that book by Johnny Long called "Google Hacking" that's pretty 3733t and you might want to check it out, -ae Next up: "hey I have worked with arian and he is the bestest pen tester ever. I'd recommend hiring him immediately for a huge fee." Just kidding. I don't even like that arian guy.
-----Original Message----- From: Michael Weber [mailto:mweber () alliednational com] Sent: Tuesday, December 27, 2005 10:58 AM To: rklemaster () hotmail com; pen-test () securityfocus com Subject: Re: 3rd party vuln assesment firms Happy New Year! I have been using both the internal and external vuln. assessment products from NetChecker. They use an array of standard tools, along with some custom code and human analysis. I like the product, the price, and the results. www.netchecker.net is their web site. -Michael<rklemaster () hotmail com> 12/23 11:27 AM >>>I'm looking for a firm to conduct annual 3rd party vulnerability assesments for a nationwide carrier ISP. If anyone has any references or stories to share, I'd like to hear about them. thanks! E-MAIL CONFIDENTIALITY NOTICE: This communication and any associated file(s) may contain privileged, confidential or proprietary information or be protected from disclosure under law ("Confidential Information"). Any use or disclosure of this Confidential Information, or taking any action in reliance thereon, by any individual/entity other than the intended recipient(s) is strictly prohibited. This Confidential Information is intended solely for the use of the individual(s) addressed. If you are not an intended recipient, you have received this Confidential Information in error and have an obligation to promptly inform the sender and permanently destroy, in its entirety, this Confidential Information (and all copies thereof). E-mail is handled in the strictest of confidence by Allied National, however, unless sent encrypted, it is not a secure communication method and may have been intercepted, edited or altered during transmission and therefore is not guaranteed. -------------------------------------------------------------- ---------------- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------- -----------------
------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Re: FW: 3rd party vuln assesment firms kelly . sparks (Jan 05)
- RE: FW: 3rd party vuln assesment firms Tony (Jan 11)
- <Possible follow-ups>
- RE: 3rd party vuln assesment firms Evans, Arian (Jan 05)
- RE: FW: 3rd party vuln assesment firms Mark Teicher (Jan 12)