Penetration Testing mailing list archives
Re: My Frustrations Step Two
From: Matt <matt () mrssecurity com>
Date: Thu, 18 Dec 2008 21:02:22 +0000
Adriel T. Desautels wrote:
Having managed to advoid the 24 TV show for a number of years i have been forced to start watching it as i was bored. So far, 8 episodes in i am rather enjoying it.So it appears to me that the solution to this problem is to provide the customer with ammunition so that they can quickly shoot down the fraudulent security experts and properly identify the real ones. There are different services, different classifications of service, different threat levels, etc. If our customers knew how to identify what they needed, they could use that to choose a good provider with much more success. But thats the real problem isn't it? Our customers aren't security experts and as a result they don't know what they need...So, what questions can we arm our customers with so that they can weed out the Frauds?Adriel T. Desautels ad_lists () netragard com
However, this thread caught my eye while googling Kim Bauer.There are a number of courses and exams out there that attempt to guage a persons penetration testing skills for example in the UK the CHECK, TIGER and CREST schemes. No easy feat in themselves to pass.
We have attempted in the UK to educate customers that using pen companies with links into these exams and having employees that have passed these schemes is a good thing rather than the one man show.
I think educating a customer to look at previous work that you have done, and customer references is the way to go.
Customers tend to go with other customer recommendations.At the end of the day everyone on here is effectively competing against each other for work and i am afraid in this day and age its starting to come down to price and the promise that it will be delivered.
BUT... its nice to see some of the big names are popping up in this list/thread.
I'm going back to 24 now.. ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Current thread:
- My Frustrations Adriel T. Desautels (Dec 18)
- Re: My Frustrations Jamie Riden (Dec 18)
- My Frustrations Step Two Adriel T. Desautels (Dec 18)
- RE: My Frustrations Step Two Erin Carroll (Dec 18)
- Re: My Frustrations Step Two Leonardo Cavallari Militelli (Dec 18)
- Re: My Frustrations Step Two Alex Moen (Dec 18)
- Re: My Frustrations Step Two Matt (Dec 18)
- Re: My Frustrations Step Two Paul Melson (Dec 19)
- Re: My Frustrations Step Two Adriel T. Desautels (Dec 19)
- My Frustrations Step Two Adriel T. Desautels (Dec 18)
- Re: My Frustrations Jamie Riden (Dec 18)
- Re: My Frustrations security curmudgeon (Dec 18)
- Re: My Frustrations M.B.Jr. (Dec 18)
- Re: My Frustrations Adriel T. Desautels (Dec 18)
- Re: My Frustrations M.B.Jr. (Dec 19)
- RE: My Frustrations Baykal, Adnan (CSCIC) (Dec 19)
- RE: My Frustrations Erin Carroll (Dec 19)