BSI: penetration testing article

["Gary McGraw" <gem () cigital com>]

Hi all,

The sixth article in my IEEE Security & Privacy magazine series called
"Building Security In" is on Penetration Testing.  This article was
co-authored by Brad Arkin (symantec) and Scott Stender.  As a service to
the community, we're making advance copies available here:

http://www.cigital.com/papers/download/bsi6-pentest.pdf

I am sure many of you already subscribe to S&P.  If you don't yet, you
should...check out http://www.computer.org/security/.

gem

Previous articles in the series:
http://www.cigital.com/papers/download/bsi5-static.pdf
http://www.cigital.com/papers/download/misuse-bp.pdf
http://www.cigital.com/papers/download/risk-analysis.pdf
http://www.cigital.com/papers/download/j2oth-qxd.pdf
http://www.cigital.com/papers/download/software-security-gem.pdf


----------------------------------------------------------------------------
This electronic message transmission contains information that may be
confidential or privileged.  The information contained herein is intended
solely for the recipient and use by any other party is not authorized.  If
you are not the intended recipient (or otherwise authorized to receive this
message by the intended recipient), any disclosure, copying, distribution or
use of the contents of the information is prohibited.  If you have received
this electronic message transmission in error, please contact the sender by
reply email and delete all copies of this message.  Cigital, Inc. accepts no
responsibility for any loss or damage resulting directly or indirectly from
the use of this email or its contents.
Thank You.
----------------------------------------------------------------------------