PT Report delivery (caveats)

["johnny Mnemonic" <security4thefainthearted () hotmail com>]

Hi

I'm interested in the group's feedback on the most accepted way to deliver a 
final PT report to a client. Best practices indicate that reports are only 
sent to a select group of people in each of the Red/White/blue teams, and 
docs are sent via encrypted email and/or the document itself encrypted with 
public/private keys exchanged at the start of the engagement. I've even 
heard that sending electronic copies of the report is a no-no and only a 
hardcopy should be couried. Could someone weight in on caveats and/or 
industry standards for report delivery?

Also how would report delivery best practices from an internal pesting team 
differ (if at all) from that of a third party consulting outfit.

Many thanks.

_________________________________________________________________
Find just what you are after with the more precise, more powerful new MSN 
Search. http://search.msn.com.sg/ Try it now.


------------------------------------------------------------------------------
This List Sponsored by: Lancope

"Discover the Security Benefits of Cisco NetFlow"
Learn how Cisco NetFlow enables cost-effective security across distributed 
enterprise networks. StealthWatch, the veteran Network Behavior Analysis (NBA) 
and Response solution, leverages Cisco NetFlow to provide scalable, 
internal network security. 
Download FREE Whitepaper "Role of Network Behavior Analysis (NBA) and Response 
Systems in the Enterprise."

http://www.lancope.com/resource/
------------------------------------------------------------------------------