RE: [Packet-ninjas-syn-k1ck] Anyone know CENZIC?

Yeah I know about those guys.

I would have to say out of all the companies I have talked with in the
last 5 years CENZIC has to by far be the rudest bunch of people I have
ever dealt with.

I don't know anyone that has used them for a pentest, but from the brief
experience I have had with them over the phone they don't deserve my
business, nor the business of any of my friends.

I have yet to meet one of their pentesters at any conferences in the
last 3 or 4 years or met any of their pentesters on any chat rooms or
mailing lists.

About all I know is they are insulting, arrogant, and somehow believe
they can cold call everyone and their mom that posts to any security
mailing list on the net.

On a lighter note they do have a cool sql injection tool that I believe
was written by Greg Hogland.
All in all if your looking for a good pentest company I can recommend
the following people.

- sensepost.
- sm4rt. - you won't find too much on their
site but if you look around the net these guys contribute a great deal
to the community. (eg. Check out

I cannot however recommend cenzic purely by the way they treat potential

-Daniel Clemens

-----Original Message-----
From: packet-ninjas-admin@xxxxxxxxxxxxxxxxxxxxxxxx
[mailto:packet-ninjas-admin@xxxxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Gary
Sent: Thursday, March 30, 2006 4:14 PM
To: Packet Ninjas
Subject: [Packet-ninjas-syn-k1ck] Anyone know CENZIC?

Cold call today from CENZIC. Claim to be a Penetration Testing company
and web application security testing company.

Anyone heard of them or have experience with them?


Packet-ninjas mailing list

Confidentiality Notice: This e-mail communication and any
attachments may contain confidential and privileged information for
the use of the designated recipients named above. If you are not
the intended recipient, you are hereby notified that you have
received this communication in error and that any review,
disclosure, dissemination, distribution or copying of it or its
contents is prohibited. If you have received this communication in
error, please notify me immediately by replying to this message and
deleting it from your computer. Thank you.

This List Sponsored by: Cenzic

Concerned about Web Application Security?
As attacks through web applications continue to rise, you need to proactively
protect your applications from hackers. Cenzic has the most comprehensive
solutions to meet your application security penetration testing and
vulnerability management needs. You have an option to go with a managed
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
Download FREE whitepaper on how a managed service can help you:
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@xxxxxxxxxx

Relevant Pages

  • [TOOL] Fakebust - Fake Exploit Code Detector
    ... Get your security news from a reliable source. ... Fakebust is a simple, open-source, user-friendly, intuitive and very rapid ... sources or binaries recovered from Usenet groups, mailing lists, various ... indeed works is to execute it - but if it turns out to be a Trojan horse, ...
  • Re: [Full-disclosure] virus in email RTF message MS OE almost disabled
    ... Information Security Analyst ... virus in email RTF message MS OE almost ... knows that you are vulnerable and that you open email attachments, ... This email communication and any attachments may ...
  • [Full-Disclosure] Security Industry Under Scrutiny: Part 3
    ... Subject: Security Industry Under Scrutiny: Part 3 ... information that could pose a threat to internet security. ... > So you expect mailing list moderators to be the judge of who deserves what? ... moderators of major mailing lists, or any smaller ones that work really well. ...
  • Re: Need Some Guidance Please
    ... This must also be tested on a pentest. ... must evaluate the it security team responce, not only the "patched or not ... Finally, an a real attacker, would not ask to the it department for their ... to protect your company is to do this: ...
  • Re: Security updates are too slow or none existant
    ... Any discussion of the handling security issues is always going to be ... regard to how the security update process is being handled with Fedora. ... The key question of course with regard to the httpd update is what was ... the issues of guidelines and communication on how to ...