Penetration Testing mailing list archives
PT management and event tracking
From: p1g <killfactory () gmail com>
Date: Sun, 5 Oct 2008 22:17:37 -0400
Greetings, I see a lot of threads that deal with focused topics (e.g., how do i hack A, how do I hack B, etc.). But I do don't see many post regarding the tracking of a PT project. What are you guys using to track your work? Are you writing your own application? Not using anything? Recommend any software? Does compliance play a role in what you track/record during an engagement? Retention? You ALL have whole disk encryption right? What do you do with the data when you have ended the engagement? How many of you have the last 2 years worth of audit work still on your laptop? Just curious.. -- -p1g SnortCP, ESSE-D, C|HFI, TNCP, TECP, NACP, A+, whatever.. ,,__ o" )~ oink oink ' ' ' ' If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- former White House cybersecurity czar Richard Clarke ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- PT management and event tracking p1g (Oct 05)