RE: The business/marketing of pen-testing.

From: Jeff Gercken (JeffG_at_kizan.com)
Date: 10/26/04

  • Next message: Renaud Deraison: "Re: Nessus question" 
    Date: Tue, 26 Oct 2004 14:52:07 -0400
To: "Aaron Drew" <ripper@internode.on.net>, <pen-test@securityfocus.com>

    Don't use scare tactics. Salesmen prophesizing scenarios of impending
    doom and catastrophic failures have really hurt the security industry.
    Rational and quantitative risk analysis is what businesses need.
    Everyone has vulnerabilities and most know it. You should position
    yourself as the guy who will enumerate them and assign priority.

    Also, if you are asked, be open in your methods and tools. Be part
    teacher and you will be rewarded with trust and loyalty.

    Anyhow, just my $.02
    -Jeff

    -----Original Message-----
    From: Aaron Drew [mailto:ripper@internode.on.net]
    Sent: Sunday, October 24, 2004 6:20 PM
    To: pen-test@securityfocus.com
    Subject: The business/marketing of pen-testing.

    I've had an interest in computer security for some time and I'm now
    looking at
    starting a business around it. There are *no* other such businesses in
    my
    area but because of this, I'm not sure how to sell my services to
    potential
    customers or even what my target market should be (small, medium, or big

    business).

    Anyone have any suggestions as to where I could start looking for
    information
    on this side of things?

    ------------------------------------------------------------------------------
    Internet Security Systems. - Keeping You Ahead of the Threat

    When business losses are measured in seconds, Internet threats must be stopped before they impact your network. To learn how Internet Security Systems keeps organizations ahead of the threat with preemptive intrusion prevention, download the new whitepaper, Defining the Rules of Preemptive Protection, and end your reliance on reactive security technology.

    http://www.securityfocus.com/sponsor/ISS_pen-test_041001
    -------------------------------------------------------------------------------

  • Next message: Renaud Deraison: "Re: Nessus question"

    Relevant Pages

    • Re: Turning off warnings
      ... Any one who makes a statement as insulting as "Umm yes. ... Systems Accountant in three major UK public companies - windows user since 3.11. ... Many home users have been coping with security issues for years, when UAC was not available, with few problems. ... The financial pages of newspaper are littered with examples of losses in businesses where there are sophisticated security procedures in place. ...
      (microsoft.public.windows.vista.general)
    • Re: Baby in a bag
      ... unknown for businesses to hire thugs to go out and kill the abandoned ... just Brazil. ... living Like quite a few of the people attending, I was in the security ... Fortunately the host had spent some time in Rio, ...
      (misc.survivalism)
    • Where the Dangers Are / The Threats to Information Security
      ... The threats to information security that keep the experts up at night ... -- and what businesses and consumers can do to protect themselves ... networks around the world. ...
      (comp.dcom.telecom)
    • Re: DHS to Put Smackdown on Hiring Crininal Beaners
      ... DHS to Crack Down on Hiring Illegals ... that would force businesses to fire them or face stiff penalties. ... Security is expected to issue a rule outlining how businesses must ...
      (alt.politics)
    • Re: My last post to this group (CT/OT)
      ... IT security is one of the leading concerns for all businesses ... in the market that large businesses are most at risk but this is untrue. ... threat. ... retaliating by beating the shit out of somebody was fun, ...
      (comp.sys.ibm.ps2.hardware)