Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Vulnerability vs. Pen test

From: Ulises2k <ulises2k () gmail com>
Date: Fri, 24 Apr 2009 00:10:54 -0300
Yes,
Check this:
http://blog.tenablesecurity.com/2007/07/pci-configurati.html
http://pcianswers.com/2007/07/11/nessus-audit-files-and-uk-petitions-to-make-pci-law/

--
Ulises U. Cuñé
Web: http://www.ulises2k.com.ar


On Wed, Apr 22, 2009 at 17:41, <jlay () slave-tothe-box net> wrote:


So part of PCI DSS requirements are for a quarterly vulnerability
assessment, and a yearly pentest.  My question is:  is Nessus considered
just a vulnerability scanning app?  Thanks.

James


------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Tired of using other people's tools? Why not learn how to write your own exploits?
InfoSec Institute's Advanced Ethical Hacking class teaches you how to write stack and heap buffer overflow exploits 
for Windows and Linux. Gain your Certified Expert Penetration Tester (CEPT) cert as well.

http://www.infosecinstitute.com/courses/advanced_ethical_hacking_training.html
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Tired of using other people's tools? Why not learn how to write your own exploits?
InfoSec Institute's Advanced Ethical Hacking class teaches you how to write stack and heap buffer overflow exploits for 
Windows and Linux. Gain your Certified Expert Penetration Tester (CEPT) cert as well.

http://www.infosecinstitute.com/courses/advanced_ethical_hacking_training.html
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: