Re: Pentest Letter of Achievement/Certificate

From: John Kinsella (jlk@thrashyour.com)
Date: Wed Jul 13 2005 - 23:27:33 EDT

• Next message: Blyth A J C (Comp): "1st European Conference on Computer Network Defence (EC2ND)"
• Previous message: blowfish 448: "Re: Pentest Letter of Achievement/Certificate"
• In reply to: Travis Good: "Re: Pentest Letter of Achievement/Certificate"
• Next in thread: Paul Fields: "RE: Pentest Letter of Achievement/Certificate"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Wed, Jul 13, 2005 at 09:17:57PM -0700, Travis Good wrote:
> http://www.hackersafe.com

I nearly gave that a serious response. ;)

> Alot of people accept this kind of unrealistic request from a client
> because 1) they dont know any better, 2) are unable to educate their
> client and wont turn down a gig even when their client is unrealistic
> or 3) dont care and just want money.
>
> Security audits are not marketing tools.

Very true. But say you have a client who realizes what needs to be
done(say, director of tech) but has a boss who wants the rubber stamp.
There's just situations where it's needed.

I think (hope) we're not talking about the stamp without the report, but
more of putting an official on something already done.

John

• Next message: Blyth A J C (Comp): "1st European Conference on Computer Network Defence (EC2ND)"
• Previous message: blowfish 448: "Re: Pentest Letter of Achievement/Certificate"
• In reply to: Travis Good: "Re: Pentest Letter of Achievement/Certificate"
• Next in thread: Paul Fields: "RE: Pentest Letter of Achievement/Certificate"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:33 EDT