Penetration Testing mailing list archives

Re: Canned audits

From: "imariot () gmail com" <imariot () gmail com>
Date: Fri, 24 Mar 2006 22:49:30 -0500

I've been doing Testing In-house for a long time, and although I haveyet to find anything that does all "canned" audits. It sounds like youare looking for something like SecurityNow. It will help you getstarted, but it costs....


See:
http://www.cioview.com/products/prod_securitynow.html

ROB.DIXON wrote:

Hi All,

We have had many audits in the past by 3 party vendors. My company is finally interested in performing some of these
audits in house and a little more frequently than the annual 3rd party audits.

My question is, is there a software package, a "canned" audit that can be performed? Basic info gathering questions
regarding authentication controls, network documentation(how and where it is stored), question that should be asked regarding
wireless AP
and other basic security questions?

-Rob Dixon

Robert L. Dixon, CSO
CHFI A+
State of West Virginia's
West Virginia Office of Techonology
Infrastructure Applications
Netware/GroupWise Administrator
Telephone: (304)-558-5472 ex.4225
Email:rdixon () workforcewv org

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
As attacks through web applications continue to rise, you need to proactively
protect your applications from hackers. Cenzic has the most comprehensive
solutions to meet your application security penetration testing and
vulnerability management needs. You have an option to go with a managed
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
Download FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com
------------------------------------------------------------------------------



------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?As attacks through web applications continue to rise, you need to proactivelyprotect your applications from hackers. Cenzic has the most comprehensivesolutions to meet your application security penetration testing andvulnerability management needs. You have an option to go with a managedservice (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).Download FREE whitepaper on how a managed service can help you:http://www.cenzic.com/forms/ec.php?pubid=10025And, now for a limited time we can do a FREE audit for you to confirm yourresults from other product. Contact us at request () cenzic com

------------------------------------------------------------------------------

Current thread:

Canned audits ROB DIXON (Mar 24)
- RE: Canned audits Eyal Udassin (Mar 25)
- Re: Canned audits r@d (Mar 27)
  - Re: Canned audits sol (Mar 28)
- Re: Canned audits bf (Mar 27)
- Re: Canned audits Gareth Davies (Mar 28)
- Re: Canned audits Dotzero (Mar 28)
- <Possible follow-ups>
- Re: Canned audits imariot () gmail com (Mar 25)
- Re: Canned audits revnic (Mar 25)
- RE: Canned audits Clemens, Dan (Mar 25)
- RE: Canned audits Clemens, Dan (Mar 28)
  - Re: Canned audits Phil Frederick (Mar 29)
  - Re: Canned audits US Infosec (Mar 30)