Penetration Testing mailing list archives
Pen Test--France and Belgium
From: Michael Daveler <mdaveler () yahoo com>
Date: Mon, 7 Dec 2009 13:31:12 -0800 (PST)
Hi List: We are a USA security company and have been asked by our client to perform a two-phase project of the client's third-party vendors/suppliers located in France and Belgium. Phase one will be a vuln scan, and Phase two will be a penetration test. Both phases will have scans/pen tests originating across the Internet. We will be securing the appropriate contracts/agreements/etc. with client, client's third-party vendors, consent forms from third-party vendor's ISP's (to allow scans through their networks to third-party vendor, etc.). And most importantly, will have all contract/agreement work done by legal counsel well-versed in this type of work, and knowledgeable of laws in France and Belgium. In the interim, for the initial fact-finding, looking to see if anyone has put together any checklists, guidance documents or has feedback on things you should/should NOT do while doing scans/pen tests against entities in France and Belgium, what specific laws can be referenced/reviewed, etc. As an example, I have heard that if doing pen tests of entities in France, you need to follow their crypto laws; had to have lawyers approve the crypto algorithms used for setting up encrypted connections going to and from the country; and some other algorithms required registration with the government to use, etc. So any and all details are much appreciated. If appropriate, once I have collected all feedback, I can prepare a summary and post back to the list. Thanks in advance, --Mike ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Pen Test--France and Belgium Michael Daveler (Dec 08)
- Re: Pen Test--France and Belgium Stefan (Dec 08)
- Re: Pen Test--France and Belgium Koen Bossaert (Dec 15)