RE: 3rd party vuln assesment firms

["Evans, Arian" <Arian.Evans () fishnetsecurity com>]

Hola Michael,

Is "Netchecker" short for "Michael Webber"?

It appears that:
alliednational.com->webersemail.com->netchecker.net

I am all for people letting us know about their services,
but subterfuge breeds a little suspicion in my book.

I have to agree with you on one point: it is important for
a firm to know if they "are open to deadly worms or hackers".
However, I am unsure how self-assessment gels with GLBA and
SOX requirements. hmmm.

btw// I used an array of standard tools along with some
custom code and human analysis above. oh and I read that
book by Johnny Long called "Google Hacking" that's pretty
3733t and you might want to check it out,

-ae

Next up: "hey I have worked with arian and he is the
bestest pen tester ever. I'd recommend hiring him
immediately for a huge fee." Just kidding. I don't
even like that arian guy.


> -----Original Message-----
> From: Michael Weber [mailto:mweber () alliednational com] 
> Sent: Tuesday, December 27, 2005 10:58 AM
> To: rklemaster () hotmail com; pen-test () securityfocus com
> Subject: Re: 3rd party vuln assesment firms
>
>
> Happy New Year!
>
> I have been using both the internal and external vuln. assessment
> products from NetChecker.  They use an array of standard tools, along
> with some custom code and human analysis.  I like the product, the
> price, and the results.
>
> www.netchecker.net is their web site.
>
> -Michael
>
> > > > <rklemaster () hotmail com> 12/23 11:27 AM >>>
> I'm looking for a firm to conduct annual 3rd party vulnerability
> assesments for a nationwide carrier ISP. If anyone has any 
> references or
> stories to share, I'd like to hear about them.
> thanks!
>
>
>
>
> E-MAIL CONFIDENTIALITY NOTICE: This communication and any associated 
> file(s) may contain privileged, confidential or proprietary 
> information or be protected from disclosure under law ("Confidential 
> Information").  Any use or disclosure of this Confidential 
> Information,
> or taking any action in reliance thereon, by any individual/entity 
> other than the intended recipient(s) is strictly prohibited.  This 
> Confidential Information is intended solely for the use of the 
> individual(s) addressed. If you are not an intended recipient, you 
> have received this Confidential Information in error and have an 
> obligation to promptly inform the sender and permanently destroy, 
> in its entirety, this Confidential Information (and all copies 
> thereof).  E-mail is handled in the strictest of confidence by 
> Allied National, however, unless sent encrypted, it is not a secure 
> communication method and may have been intercepted, edited or 
> altered during transmission and therefore is not guaranteed.
>
>
>
> --------------------------------------------------------------
> ----------------
> Audit your website security with Acunetix Web Vulnerability Scanner: 
>
> Hackers are concentrating their efforts on attacking 
> applications on your 
> website. Up to 75% of cyber attacks are launched on shopping 
> carts, forms, 
> login pages, dynamic content etc. Firewalls, SSL and 
> locked-down servers are 
> futile against web application hacking. Check your website 
> for vulnerabilities 
> to SQL injection, Cross site scripting and other web attacks 
> before hackers do! 
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> --------------------------------------------------------------
> -----------------

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------