Penetration Testing mailing list archives
Importance of being a QSA
From: "3 shool" <3shool () gmail com>
Date: Tue, 28 Nov 2006 17:17:55 +0530
Hi All, We have been doing Penetration tests for more than 4 years for our customers, including financial and e-commernce segments. One of our customer came up with a requirement that they would get PenTest services ONLY from QSA (Qualified Security Assessor) by PCI, as part of company policy. We have been delivering fantastic results for them over the years and they too haven't had any security breaches during this period. I have heard about this in the mailing list last year but just wanted to know how important it is to be a QSA for companies like us who have been doing PenTests since a good period. Is it just a marketing strategy or is it something more than OSSTMM or other menthodologies that we don't account for in our tests? THNX ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Importance of being a QSA 3 shool (Nov 28)
- Re: Importance of being a QSA Kurt Grutzmacher (Nov 28)
- RE: Importance of being a QSA Erin Carroll (Nov 28)
- Re: Importance of being a QSA 3 shool (Nov 29)