Penetration Testing mailing list archives
Re: JIRA Pentest
From: Bog Witch <iambogwitch () gmail com>
Date: Tue, 18 Oct 2011 22:05:50 +0100
Hi, Sorry, I think you misunderstood. I am looking for a company (or contractor) that has recent, specific experience of testing a JIRA installation for a potential short-term contract for a friend of mine. I appreciate that I could DL and install or even mirror the installation but he is hoping to have a professional test done rather than the 'enthusiastic amateur' test that I would perform as I do not have experience of JIRA specifically. Cheers, Bog On Tue, Oct 18, 2011 at 8:54 PM, <securityfocus () rawchaos com> wrote:
The free version of Jira (I believe it's a 30 day trial) is exactly the same as the commerical product. The only difference between all of the download pay versions is how many user licenses you are allowed (so the $10 version would be just as good if you need more than 30 days). The hosted (managed) versions of Jira will probably be different, but I doubt that is what you are looking to do research on. Aside from that it's a pretty standard Tomcat application. -a On Tue, Oct 18, 2011 at 04:28:34PM +0100, Bog Witch wrote:All, Is there anyone on this list with commercial JIRA pentest exposure? Please email responses directly. Thanks, Bog
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- JIRA Pentest Bog Witch (Oct 18)
- Re: JIRA Pentest Patrick Webster (Oct 19)
- Re: JIRA Pentest securityfocus (Oct 19)
- Re: JIRA Pentest Bog Witch (Oct 19)