RE: Any Recommendations for Intrusion Vulnerability Assessment?
From: Ken Pfeil (Ken_at_win2000toolbox.com)Date: 07/18/01
- Vorherige Nachricht: Robert Mooney: "RE: oracle question"
- Als Antwort auf: ProfesseurWoo_at_aol.com: "Any Recommendations for Intrusion Vulnerability Assessment?"
- Nachrichten sortiert nach: [ Datum ] [ Thread ] [ Subject ] [ Autor ] [ Attachement ]
Ooohh Boy. Get ready for the flurry o'preferences...This is like asking
which car is the best or which antivirus to run.
Some obvious questions are:
What criteria do you need to meet?
Are you looking down the road to SAS70 or ISO17799 (The artist formerly
known as BS7799 :) What company has staff on-hand that can assist to this
end?
Do you have any criteria that need to be met as an outcome, ie: HIPAA, GLBA,
etc.? Who has experience with these?
Do you run any "homegrown" applications in a production environment that
need the codebase audited?
What does your environment look like? Look for a company that has an
established relationship with the vendor of the platform you run. Makes
discovered vulns easier to correct BEFORE someone gets to you.
Is your budget limited? You get what you pay for.
Will the company custom tailor the engagement to fit your needs? Or is it
canned only?
Just a few, but you get the idea..
Regards,
Ken
> -----Original Message-----
> From: ProfesseurWoo_at_aol.com [mailto:ProfesseurWoo_at_aol.com]
> Sent: Wednesday, July 18, 2001 9:07 AM
> To: security-basics_at_securityfocus.com
> Subject: Any Recommendations for Intrusion Vulnerability Assessment?
>
>
> I am looking for a vendor to perform an intrusion vulnerability
> assessment. Does anyone have any recommendations?
- Vorherige Nachricht: Robert Mooney: "RE: oracle question"
- Als Antwort auf: ProfesseurWoo_at_aol.com: "Any Recommendations for Intrusion Vulnerability Assessment?"
- Nachrichten sortiert nach: [ Datum ] [ Thread ] [ Subject ] [ Autor ] [ Attachement ]
Relevant Pages
|
