Penetration Testing mailing list archives
Re: Pentest Letter of Achievement/Certificate
From: "blowfish 448" <blowfish448 () hotmail com>
Date: Wed, 13 Jul 2005 10:29:18 +0200
Tom, Ralph,thanks for the input, and I totally agree. Should have been paying more attention to the wording I used. It's not so much providing a certificate of success, here I agree with your arguments, but rather an objective statement of penetration testing has been executed at a certain period in time on infrastructure X at customer Y by company Z. This so they can show to their customer base they take security serious
and have undergone testing.
From my experience in the financial market customers and partners - e.g.
other banks -of financial organisations asking for such proof is absolutely not so uncommon.
Thanks
On 7/12/05, blowfish 448 <blowfish448 () hotmail com> wrote: > Hi, >> any of you know if any 'standards' or accepted guidelines exist for a letter> or certification> of succesfull resistance to Penetration Testing/Vulnerability Assessment.> Customers often> demand to have a proof delivered by their Penetration Test service provider> to show to their > partners and customers. >> The idea of course is not to disclose sensitive information but to briefly> describe> the environment tested and how - according to which methodologies and the> attack vectors > tested for. > > > Thanks in advance > > >
Current thread:
- Re: Pentest Letter of Achievement/Certificate, (continued)
- Re: Pentest Letter of Achievement/Certificate blowfish 448 (Jul 14)
- Message not available
- GPRS Security dinckan (Jul 14)
- RE: GPRS Security Tonie (Jul 15)
- Re: GPRS Security Ty Bodell (Jul 15)
- Re: GPRS Security Johan Mellberg (Jul 16)
- RE: GPRS Security Sahir Hidayatullah (Jul 19)
- source code audit manoj kumar (Jul 19)
- Re: Pentest Letter of Achievement/Certificate John Kinsella (Jul 14)
- Re: Pentest Letter of Achievement/Certificate blowfish 448 (Jul 13)
- Re: Pentest Letter of Achievement/Certificate Tom Van de Wiele (Jul 13)
- Re: Pentest Letter of Achievement/Certificate Travis Good (Jul 13)
- Re: Pentest Letter of Achievement/Certificate John Kinsella (Jul 14)
- RE: Pentest Letter of Achievement/Certificate Paul Fields (Jul 14)
- Re: Pentest Letter of Achievement/Certificate Mike Klingler (Jul 15)
- RE: Pentest Letter of Achievement/Certificate Lyal Collins (Jul 15)
- Re: Pentest Letter of Achievement/Certificate Mark Teicher (Jul 13)