Penetration Testing mailing list archives
Re: Security Grade
From: JD Lampard <jdlampard () yahoo com>
Date: Thu, 6 Dec 2007 14:49:45 -0800 (PST)
A points system is what I use... 0 (worst) - 10 (best). Then a overall percentage is given which helps people put the score into perspective easily. However, this can also be misleading... let's say test by test you get 10 except for a couple tests for router, firewall, and IDS for which you get very bad scores. Looking at the overall score gives a false sense of security to the casual reporter reader. Hope this helps. --- 11ack3r <11ack3r () gmail com> wrote:
Hi, Is there a security criteria or matrix against which we could grade customer's pen test results? Like assigning them grade between A to E or 1 to 10. *.*
------------------------------------------------------------------------
This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads
------------------------------------------------------------------------
____________________________________________________________________________________ Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Security Grade 11ack3r (Dec 06)
- Re: Security Grade JD Lampard (Dec 10)
- Re: Security Grade Ed Fuller (Dec 12)
- Re: Security Grade dave-san (Dec 10)
- RE: Security Grade Malhoit, Lauren (Dec 10)
- Re: Security Grade Benjamin Tomhave (Dec 10)
- Re: Security Grade Eddie Block (Dec 10)
- Re: Security Grade Francois Larouche (Dec 12)
- Re: Security Grade Eddie Block (Dec 12)
- Re: Security Grade Francois Larouche (Dec 13)
- Re: Security Grade Pete Herzog (Dec 13)
- Re: Security Grade Francois Larouche (Dec 12)
- Re: Security Grade Stephen Strange (Dec 12)
- Re: Security Grade JD Lampard (Dec 10)