Penetration Testing mailing list archives
Re: They will protect me (won't they?)
From: Jamie Riden <jamie.riden () gmail com>
Date: Tue, 10 Feb 2009 22:28:31 +0000
2009/2/9 Adriel T. Desautels <ad_lists () netragard com>:
One of my recent thoughts and blog entries... So the other day I was talking with my buddy Kevin Finisterre. One of the things that we were discussing was people who just don't feel that security is an important aspect of their business because their customers don't ask for it. That always makes my brain scream "WHAT!?". Here's a direct quote from a security technology vendor "We don't perform regular penetration tests because our customers don't ask us to do that."
This is probably not a popular view on this list, but I think you can do a lot towards securing a system without doing a pen-test. Obviously, I think vendors do have a substantial responsibility to make sure the systems they sell are easy to secure, and to encourage their customers to keep them secure. But if the security guy at the company fixes everything up without having a pen-test that's fine with me. cheers, Jamie -- Jamie Riden / jamesr () europe com / jamie () honeynet org uk http://www.ukhoneynet.org/members/jamie/
Current thread:
- They will protect me (won't they?) Adriel T. Desautels (Feb 10)
- Re: They will protect me (won't they?) Jamie Riden (Feb 11)
- Re: They will protect me (won't they?) Adriel T. Desautels (Feb 11)
- Re: They will protect me (won't they?) Jamie Riden (Feb 11)
- Re: They will protect me (won't they?) Adriel T. Desautels (Feb 11)
- Re: They will protect me (won't they?) Sat Jagat Singh (Feb 11)
- Re: They will protect me (won't they?) Adriel T. Desautels (Feb 11)
- Re: They will protect me (won't they?) Jamie Riden (Feb 11)
- Re: They will protect me (won't they?) Adriel T. Desautels (Feb 11)
- Re: They will protect me (won't they?) Dotzero (Feb 11)
- Re: They will protect me (won't they?) Adriel T. Desautels (Feb 11)
- Message not available
- Message not available
- Fwd: They will protect me (won't they?) Dotzero (Feb 11)