RE: Blue Team ROE

From: Dave Sanford (dsanford@austin.rr.com)
Date: Tue Mar 06 2007 - 22:46:40 EST

• Next message: Craig Wright: "RE: The legal / illegal line?"
• Previous message: Craig Wright: "RE: The legal / illegal line?"
• In reply to: krymson@gmail.com: "RE: Blue Team ROE"
• Next in thread: Angelacci, Anna M CTR SPAWAR, J616: "RE: Blue Team ROE"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Yea - a professional knows when to walk away - after thanking
the client for the opportunity, explaining why doing the job
would not be in your/your companies interest, and explaining
the terms under which you would be happy to do the work.

Dave

"Oh would some power the giftie gie us, to
see ourselves as others see us." Robert Burns
> -----Original Message-----
> From: listbounce@securityfocus.com
> [mailto:listbounce@securityfocus.com] On Behalf Of krymson@gmail.com
> Sent: Tuesday, March 06, 2007 2:53 PM
> To: pen-test@securityfocus.com
> Subject: RE: Blue Team ROE
>
> It is not always about being a professional either. For
> instance, is the engagement going to be risky for your own
> company image? Let's say your company is given this
> assignment by AgencyX and AgencyX has a very high profile
> incident. AgencyX and/or the media will likely drag your name
> into the issue because you gave them a clean bill of health
> with an asterisk after it explaining that some constraints
> were made...
>
> Just the act of saying "Secure...but with huge glaring holes"
> may be too much risk for you.
>
> --------------------------------------------------------------
> ----------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
>
> http://www.cenzic.com/products_services/download_hailstorm.php
> ?camp=701600000008bOW
> --------------------------------------------------------------
> ----------
>

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

• Next message: Craig Wright: "RE: The legal / illegal line?"
• Previous message: Craig Wright: "RE: The legal / illegal line?"
• In reply to: krymson@gmail.com: "RE: Blue Team ROE"
• Next in thread: Angelacci, Anna M CTR SPAWAR, J616: "RE: Blue Team ROE"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:38 EDT