-
December 28th, 2005, 02:38 AM
#11
Senior Member
Thanks a lot guys....
I am glad that i put the question here.
I got my answer!!
Regards.
Now is the moment, or NEVER!!!
-
December 29th, 2005, 02:44 PM
#12
some companies that have not been mentioned:
NGS (UK)
ISS
Symantec
Big 4 - PWC, KPMG, D&T, E&Y
Also, most large financial institutions will have a group that at least dabble in pen testing
I suggest you start by reading TCP/IP illustrated volume 1. The SANS stuff is ok, but seems a little basic at times, there also millions of books with the word "hacking" in their title which may be of use at some point.
Also, keep in mind that some companies will use the term penetration testing when all they really do is run a vulnerability scan, so depending on your skill level you may want to enquire as to what you prospective employee actually considers a pen test to be.
Quis custodiet ipsos custodes
-
December 29th, 2005, 07:24 PM
#13
Member
-
December 30th, 2005, 05:45 AM
#14
Originally posted here by riya_here
Do any of you have any idea of the companies who actively deal in Penetration Testing?
Hi Riya:
I have used Foundstone for a pen-test against a web application and was quite pleased with their work. They provided a very thorough report showing not just vulns but also the tools they used, the methodology, and also the data from the tools. Downside is they are expensive: $15K a pop.
The quality of the pen-test is dependent on 2 things: the methodology used and more importantly the skill level of the pen-tester. A well laid out scope and rules of engagement are also important.
Good luck.
-
December 31st, 2005, 04:27 AM
#15
Senior Member
I didnt knew there were so many tools available
Even I came to know about one, Nessus (www.nessus.com)
Now is the moment, or NEVER!!!
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|