Re: Has anyone ever started a pen testing company?

From: AdamT (adwulf@gmail.com)
Date: Wed Jun 21 2006 - 07:05:01 EDT


On 20 Jun 2006 10:00:38 -0000, port-scan@hushmail.com
<port-scan@hushmail.com> wrote:
> Hi
>
>
> I've been thinking about this for some time now, and I'm looking to start a pen testing company & forensics.

I've not set up my own company, but I was with a pen testing company's
European office from the word 'go'.

>
> I just wanted to ask if anyone has set up their own company and whether you have any tips on how you went about things, i.e. how did you attract your first client etc. etc.
>
This is the tricky bit. Talk to prospective clients before you 'go
live'. Try to get at least one signed up with you. You'll need an
idea of who your staff will be, and their areas of expertise before
you can sell their skills to prospective clients. If possible, get
yourself a couple of 'big guns' - names that are known in the security
arena, whom journalists love to quote (giving your company a mention,
too).
Developing a partnership or affiliation with some security vendors
might be worth looking at here. If you become a preferred 'Acme
Security Devices' partner, you might get a bit of consultancy work
installing Acme Firewall or Acme IDS or suchlike.

Getting whichever accreditations are useful in your neck of the woods
will be useful for this. In the UK, that means being CHECK certified.
If you can pull that off, you can get listed, and you might start
getting clients knocking on your door instead of vice-versa.

However tempting it may be, don't go trying to poach your current
employer's clients, and don't go making copies of their intellectual
property (that includes work you did for them, document templates,
test scripts, etc.) - it will end in tears.

-- 
AdamT
"A casual stroll through the lunatic asylum shows that faith does not
prove anything." - Nietzsche


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:08 EDT