Penetration Testing mailing list archives
Re: Bank Assessment
From: Max <reply.to.newsgroup () mozilla org>
Date: Tue, 20 Apr 2004 18:54:32 +0200
Hi Joe,I do pen tests for banks in Switzerland and the one thing that is true in all my missions is: "Banking Secret".
I have no rights to discuss anything pertaining to my missions even to colleagues in my company. Neither method, tools, approach and obviously, results can be discussed nor made public. The only thing I can tell you is that, in banks out here, the IT staff is usually very competent, they know a whole lot (sometimes more than we, consultants), they have square policies and the main reason they want an outsider to do the test is because they have to (by law) or they don't have time to do it themsleves.
Your best source of information pertaining to bank pen testing is the IT staff from the bank who hired you. They will tell you everything you *need* to know, nothing more... and don't try to ask for more, they won't give it :-)
Cheers, -- M@x Joe Smith wrote:
I'm looking for any good links with regard to Banking Institutions.. Security assessments, pen-testing, special needs etc. I know they arebig on policies and procedures.
------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- Bank Assessment Joe Smith (Apr 19)
- Re: Bank Assessment Max (Apr 21)
- RE: Bank Assessment Blake Wiedman (Apr 21)
- Re: Bank Assessment Ivan Arce (Apr 22)
- Re: Bank Assessment lists (Apr 23)
- RE: Bank Assessment c0d3r (Apr 22)
- RE: Bank Assessment Amit Deshmukh (Apr 23)
- RE: Bank Assessment Chuck Herrin (Apr 23)
- Re: SME risk assessment (Was: Bank Assessment) fergus (Apr 24)
- RE: Bank Assessment Blake Wiedman (Apr 23)
- Re: Bank Assessment Ivan Arce (Apr 22)
- <Possible follow-ups>
- RE: Bank Assessment James Williams (Apr 23)