Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Importance of being a QSA

From: "3 shool" <3shool () gmail com>
Date: Tue, 28 Nov 2006 17:17:55 +0530
Hi All,

We have been doing Penetration tests for more than 4 years for our
customers, including financial and e-commernce segments. One of our
customer came up with a requirement that they would get PenTest
services ONLY from QSA (Qualified Security Assessor) by PCI, as part
of company policy.

We have been delivering fantastic results for them over the years and
they too haven't had any security breaches during this period. I have
heard about this in the mailing list last year but just wanted to know
how important it is to be a QSA for companies like us who have been
doing PenTests since a good period.

Is it just a marketing strategy or is it something more than OSSTMM or
other menthodologies that we don't account for in our tests?

THNX

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: