Dailydave mailing list archives
Re: So when will the end of pen-tests begin?
From: Saad Kadhi <saad () docisland org>
Date: Thu, 23 Nov 2006 09:18:28 +0100
On Nov 23, 2006, at 5:48 AM, Isaac Dawson wrote:
So when will these tests end? 5-10 years? 20? I know we will 'always' need security validation, but will customers be willing to spend the (sometimes insanely overpriced) amount for these types of tests? Is anyone else thinking about what they will do next? :)
Turning to risk-based security testing and working in an "inside-
out" fashion for big software shops?
I don't think pen-tests will "end". Think about the actual trend of distributed components, SOA etc. They may need recalibration (for ex. by acquiring more knowledge beforehand on the inner guts of software instead of a Black Box approach) and skills' honing but they still and will remain an essential part of software security. -- Saad Kadhi - http://saad.docisland.org/ "He who relieves the poor makes Ahura king" _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- So when will the end of pen-tests begin? Isaac Dawson (Nov 22)
- Re: So when will the end of pen-tests begin? Saad Kadhi (Nov 23)
- Re: So when will the end of pen-tests begin? Kurt Grutzmacher (Nov 24)
- Re: So when will the end of pen-tests begin? David Maynor (Nov 24)
- Re: So when will the end of pen-tests begin? Saad Kadhi (Nov 23)