Re: Evaluating pentesters



On Fri, Mar 5, 2010 at 7:01 PM, Tony Turner <tony_l_turner@xxxxxxxxx> wrote:
Is there some kind of "Who's Who" of penetration testing firms?

In theory, there is; see http://securityscoreboard.com

In practice, there's a lot of security companies listed on the site
which have little information about them posted. That's largely
due to the fact that the site is really just starting to gain momentum,
but it still means that not a lot of data is available.

Still, even without the full realisation of user scores and such, it's
a helpful resource IMO. Specifically, it provides a very nice list
of security companies broken down into specific categories.

As folks start becoming aware of the site and using it, the rest
will (hopefully) fall into place soon.

--
Jason

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------



Relevant Pages

  • Re: University plan
    ... As for where i would like to study, it doesn't really matter as long ... you want to be in the daily practice of computer ... universities with CIRTs, summer hires with the government, or internships ... Information Assurance Certification Review Board ...
    (Pen-Test)
  • Re: Data in transit (with a twist)...
    ... I need some best practice controls, ideally in the form of a best practice ... The risks are obvious. ... relation to the backup media, as well as the integrity and confidentiality ... Information Assurance Certification Review Board ...
    (Pen-Test)
  • Re: OSCP ?
    ... exploits and practice other chapters covered in the course. ... Information Assurance Certification Review Board ... IACRB CPT and CEPT certs require a full practical ... IACRB CPT and CEPT certs require a full practical examination in order to become certified. ...
    (Pen-Test)
  • Re: SQL passwords
    ... Practice Lead | Security Assessments & Digital Forensics ... where we could export the password hashes directly from our SQL ... Information Assurance Certification Review Board ... Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. ...
    (Pen-Test)
  • Re: IIS5 Null.Printer vulnerability exploitation tool
    ... The PoC tool for IIS5 Null.Printer Buffer Overflow vulnerability can ... Practice Lead | Security Assessment & Digital Forensics ... Comprehensive Information Security Training ... Information Assurance Certification Review Board ...
    (Pen-Test)