From: Craig Wright (cwright@bdosyd.com.au)
Date: Wed Aug 31 2005 - 16:41:07 EDT
What you ask for is a TRA - Threat Risk Analysis
This is not a pen test. This involves the classification and valuation of assets, a completion of a vulnerability assesssment, an impact analysis. etc etc
Even the Vulnerability assesssment is more involved than a pen test.
Craig
-----Original Message-----
From: Irene Abezgauz [mailto:irene.abezgauz@gmail.com]
Sent: Wed 31/08/2005 6:33 PM
To: sectraq@gmail.com
Cc: pen-test@securityfocus.com
Subject: Re: Business justification for pentesting
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:48 EDT