Penetration Testing mailing list archives
Re: Has anyone ever started a pen testing company?
From: AdamT <adwulf () gmail com>
Date: Wed, 21 Jun 2006 12:05:01 +0100
On 20 Jun 2006 10:00:38 -0000, port-scan () hushmail com <port-scan () hushmail com> wrote:
Hi Ive been thinking about this for sometime now, and im looking to start a pen testing company & forensics.
I've not set up my own company, but I was with a pen testing company's European office from the word 'go'.
I just wanted to ask if anyone has setup up there own company and whether you have and tips on how you went about things, ie how did you attract your first client etc etc.
This is the tricky bit. Talk to prospective clients before you 'go live'. Try to get at least one signed up with you. You'll need an idea of who your staff will be, and their areas of expertise before you can sell their skills to prospective clients. If possible, get yourself a couple of 'big guns' - names that are known in the security arena, whom journalists love to quote (giving your company a mention, too). Developing a partnership or affiliation with some security vendors might be worth looking at here. If you become a preferred 'Acme Security Devices' partner, you might get a bit of consultancy work installing Acme Firewall or Acme IDS or suchlike. Getting whichever accreditations are useful in your neck of the woods will be useful for this. In the UK, that means being CHECK certified. If you can pull that off, you can get listed, and you might start getting clients knocking on your door instead of vice-versa. However tempting it may be, don't go trying to poach your current employer's clients, and don't go making copies of their intellectual property (that includes work you did for them, document templates, test scripts, etc)- it will end in tears. -- AdamT "A casual stroll through the lunatic asylum shows that faith does not prove anything." - Nietzsche ------------------------------------------------------------------------------ This List Sponsored by: CenzicConcerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------
Current thread:
- Has anyone ever started a pen testing company? port-scan (Jun 20)
- Re: Has anyone ever started a pen testing company? AgentSmith15 (Jun 21)
- Re: Has anyone ever started a pen testing company? Christine Kronberg (Jun 21)
- Re: Has anyone ever started a pen testing company? Robin Wood (Jun 21)
- Re: Has anyone ever started a pen testing company? AdamT (Jun 21)
- Re: Has anyone ever started a pen testing company? K K Mookhey (Jun 21)
- <Possible follow-ups>
- Re: Re: Has anyone ever started a pen testing company? cidsauer (Jun 21)
- Re: Has anyone ever started a pen testing company? techlists (Jun 21)
- Re: Has anyone ever started a pen testing company? Mark Teicher (Jun 21)