Penetration Testing mailing list archives
Re: Pen-Test requirements
From: "SD List" <list () security-database com>
Date: Wed, 24 Jan 2007 10:56:16 +0100 (CET)
Hi, You should take a look on Open Source Security Testing Methodology (OSSTMM). It enumerates things to do or not to [ link; http://www.osstmm.org or http://www.isecom.org ] Also, guys from vulnerabilityassessment.co.uk has a very good checklist (called Pre Site Inspection Checklist) http://www.vulnerabilityassessment.co.uk/Presite%20Inspection.html Hope this helps you out. Security-Database.com Team
I am chartered with having a connection pen-tested. I'm trying to determine the requirements for a statement of work for outsourcing. The objective of the pen-test is to validate technical controls that prevent unauthorized access to and from our network. Does anyone have a standard SOW for this type of testing? ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Pen-Test requirements bigsteff_itsec (Jan 16)
- Re: Pen-Test requirements SD List (Jan 24)