[127348] in North American Network Operators' Group
RE: Penetration Test Vendors
daemon@ATHENA.MIT.EDU (Scott Berkman)
Tue Jun 22 19:27:59 2010
From: "Scott Berkman" <scott@sberkman.net>
To: "'Ken Gilmour'" <ken.gilmour@gmail.com>,
"'George Bonser'" <gbonser@seven.com>
In-Reply-To: <AANLkTilwCe-2-gZih-s1FlgsNUxI9RZQZVvQ-ZdZHBzy@mail.gmail.com>
Date: Tue, 22 Jun 2010 19:27:43 -0400
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
If I wanted someone to do this, I'd probably look at a security vendor
instead of a general purpose consulting firm.
Some examples off the top of my head might include IBM's ISS and
SecureWorks.
-Scott
-----Original Message-----
From: Ken Gilmour [mailto:ken.gilmour@gmail.com]
Sent: Tuesday, June 22, 2010 4:58 PM
To: George Bonser
Cc: nanog@nanog.org
Subject: Re: Penetration Test Vendors
Depends on where you are... I've used Sysnet in Europe (www.sysnet.ie) and
they are excellent. We used Deloitte (
http://www.deloitte.com/view/en_GX/global/services/enterprise-risk-services/
security-privacy-resiliency/pcidss/index.htm)
in non-european countries, with not such a good result (but other people may
have different experiences).
Regards,
Ken
On 22 June 2010 14:48, George Bonser <gbonser@seven.com> wrote:
> Anyone have any suggestions for a decent vendor that provides network
> penetration testing? We have a customer requirement for a third party
> test for a certain facility. Have you used anyone that you thought did a
> great job? Anyone you would suggest avoiding?
>
> Replies can be sent off list and I will summarize any feedback I might
> get from the community if anyone is interested.
>
> George
>
>
>
