Pen-Test requirements

From: bigsteff_itsec@yahoo.com
Date: Tue Jan 16 2007 - 22:48:43 EST

Next message: Olivier Meyer: "Re: reverse proxy identification"
Previous message: Clement Dupuis: "RE: Community Rainbow Tables downloading"
Next in thread: SD List: "Re: Pen-Test requirements"
Reply: SD List: "Re: Pen-Test requirements"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

('binary' encoding is not supported, stored as-is) I am chartered with having a connection pen-tested. I'm trying to
determine the requirements for a statement of work for outsourcing.

The objective of the pen-test is to validate technical controls that
prevent unauthorized access to and from our network.

Does anyone have a standard SOW for this type of testing?

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

Next message: Olivier Meyer: "Re: reverse proxy identification"
Previous message: Clement Dupuis: "RE: Community Rainbow Tables downloading"
Next in thread: SD List: "Re: Pen-Test requirements"
Reply: SD List: "Re: Pen-Test requirements"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:31 EDT