Blue Team ROE



List,

I wanted to send out a general email asking the members of this list their professional opinions on being limited during a Blue Team pen-test. I have a govt customer that is trying deny us the ability to remove password hashes/files from the system for cracking, write procedures for every tool/exploit that could be possibly executed, not allow the loading of any tools/exploits on target systems, things like that..... Of course my reaction is that my company will not perform the assessment with such restrictions, what are some thoughts from this list on this subject?

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------



Relevant Pages

  • RE: Informing Companies about security vulnerabilities...
    ... In this case the unauthorised access to a wireless network was ... Need to secure your web apps? ... Cenzic Hailstorm finds vulnerabilities fast. ...
    (Pen-Test)
  • Re: reverse proxy identification
    ... Need to secure your web apps? ... Cenzic Hailstorm finds vulnerabilities fast. ... Click the link to buy it, try it or download Hailstorm for FREE. ...
    (Pen-Test)
  • Fwd: Re: tools to scan source code
    ... design) that can only be found with manual secure code reviews and secure architecture ... Need to secure your web apps? ... Cenzic Hailstorm finds vulnerabilities fast. ...
    (Pen-Test)
  • RE: Fwd: Re: tools to scan source code
    ... design) that can only be found with manual secure code reviews and secure architecture ... Need to secure your web apps? ... Cenzic Hailstorm finds vulnerabilities fast. ...
    (Pen-Test)
  • RE: DNS mapping
    ... Need to secure your web apps? ... Cenzic Hailstorm finds vulnerabilities fast. ... Click the link to buy it, try it or download Hailstorm for FREE. ...
    (Pen-Test)