Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Testing the user community

From: webmaster () absolutenetworks biz
Date: Wed, 31 Jan 2007 12:51:39 -0600
what do you mean by "what the *company* is doing, not what the users are doing."

We have policy in place however my purpose of pen testing the user community is 
to justify initial training cost/time.  After training has taken place run 
similar test and compare the results to see if the training is effective.

Kurt


Quoting Paul Melson <pmelson () gmail com>:




You will find that your results will be more meaningful and it will be
easier to create an effective action plan based on those results if there is
some way of identifying deficiencies relative to what the *company* is
doing, not what the users are doing.  






------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: