[Fwd: Re: Moving from Defense to Offense (or vice versa) to secure your network]
From: Max Ashton (maxashton_at_eml.cc)
Date: 11/27/05
- Previous message: James Eaton-Lee: "Re: Moving from Defense to Offense (or vice versa) to secure your network"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: pen-test@securityfocus.com Date: Sun, 27 Nov 2005 15:18:08 +0000
-------- Forwarded Message --------
> From: Max Ashton <maxashton@eml.cc>
> To: Erin Carroll <amoeba@amoebazone.com>
> Subject: Re: Moving from Defense to Offense (or vice versa) to secure
> your network
> Date: Sun, 27 Nov 2005 15:16:22 +0000
> Hi Erin
> >
> > So I was hoping some list members would share some similar experiences with
> > us. How many of you have switched between offense/defense and what were some
> > of the stumbling blocks or key differences you found in how you approached
> > your goals? Is it worth it to cross-train in some manner? How have you sold
> > someone on the advantages of penetration-testing your network to quantify
> > and test the effectiveness of your existing defenses?
>
> I think it's definately worth cross training here, as i'm sure others
> will agree. There's an old saying, "Sometimes the best defence is a good
> offence". You can't expect to call your own network secure if you
> haven't even run a penetration test on it. If you don't know how to
> break a network, you won't be as good as you could be at defending it.
>
> There are a *lot* of tools out there that an attacker can use to gain
> insight into your network, and you're only going to be able to stop them
> if you know what they know.
>
> Know what i'm saying?
>
> Max
- application/x-pkcs7-signature attachment: smime.p7s
- Previous message: James Eaton-Lee: "Re: Moving from Defense to Offense (or vice versa) to secure your network"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
