Penetration Testing mailing list archives
Cross-company collaboration
From: "Erin Carroll" <amoeba () amoebazone com>
Date: Fri, 17 Jul 2009 16:47:41 -0700
List members, The recent thread from Adriel on verifying your security providers jogged a thought that's been at the back of my mind for a bit: Have you ever worked or collaborated with another pen-test company on projects? How did it work out? What prompted the collaboration effort? How did you manage the relationship with "the competition" and was it a successful engagement (financial or otherwise)? How did you find/choose who to work with? There are quite a number of quality "boutique" pen-test companies out there; small staff of experts (or even one-man shows) in a particular field of expertise/market focus. Given that pen-testing encompasses such a wide range of subject matter, it's almost impossible for a company under a certain size to have the in-house resources for every type of expertise. While I know that me & the guys in my own company are damned good at what we do, there are areas where we try to bring in outside expertise in areas where we don't have the business demand to justify fleshing out that skill set with additional staff. I'm curious as to how common collaboration is and what your thoughts on it are. -- Erin Carroll Moderator, SecurityFocus pen-test mailing list "I cannot brain today, I have the dumb" ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Cross-company collaboration Erin Carroll (Jul 17)
- Re: Cross-company collaboration Tonnerre Lombard (Jul 22)
- RE: Cross-company collaboration Jonathan Cran (Jul 30)
- Re: Cross-company collaboration Adriel T. Desautels (Jul 30)
- RE: Cross-company collaboration Jonathan Cran (Jul 30)
- Re: Cross-company collaboration Tonnerre Lombard (Jul 22)