Penetration Testing mailing list archives

Re: IPS arguments

From: kellstr () gmail com
Date: 18 Feb 2009 22:49:21 -0000

First, unless your employer has a contract with the company you should not be involved with pen-testing on them.

As far as why they need it, I would go back to the argument of defense in depth. Each security piece has it's own 
strengths and weaknesses. Having multiple layers should allow the strengths in one layer to cover the weaknesses in 
another. The best argument against this to my mind is complexity, that there are too many different pieces in place for 
the administrative staff to be able to support properly.

Good Luck

Current thread:

Re: IPS arguments, (continued)
- Re: IPS arguments M.D.Mufambisi (Feb 20)
  - Re: IPS arguments Micheal Cottingham (Feb 22)
  - Re: IPS arguments Danny Fullerton (Feb 22)
    - Re: IPS arguments Javier Reyna (Feb 26)
    - Re: IPS arguments Trygve Aasheim (Feb 27)
    - Re: IPS arguments Webmaster 003 (Feb 27)
  - Re: IPS arguments Keith Pasley Com6 (Feb 22)
  - Re: IPS arguments David Howe (Feb 22)
- RE: IPS arguments JoePete (Feb 22)
- Re: IPS arguments Adriel T. Desautels (Feb 26)
- Re: IPS arguments kellstr (Feb 20)