Non pen-test services

[cribbar <crib.bar () hotmail co uk>]

I wondered, how many of you work for companies that focus purely on
security/pen testing, and how many of your employers/organisations expand
and offer other services for external clients, such as looking into their
operations, such as their backup/archive policy and procedures, or their
disaster recovery plans? I dont see that this is an area most pen test
companies offer, which is a shame, as often these companies are highly
skilled in the field of ICT, and are often brought in for that very reason,
skill above and beyond internal, or a fresh pair of eyes to offer management
assurance. If any folk do offer additional services above and pen-testing it
would be interesting to know, or is the general consensus our area of
expertese is pentesting/security so thats what we stick to? Would also be
interested to know what 3rd parties come looking for outside of pen test /
vulnerability scans to see if you can provide/offer that to them. Look
forward to your feedback...
-- 
View this message in context: http://old.nabble.com/Non-pen-test-services-tp31164581p31164581.html
Sent from the Penetration Testing mailing list archive at Nabble.com.


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------