[WEB SECURITY] How to Pen Test Crazy

Ziots, Edward EZiots at Lifespan.org
Fri Jun 24 13:32:11 EDT 2011


Actually for a Pen-Test Standard, the guys that came up with this
standard are well-known, and spoke a Source Boston just a few months
ago. If you want to know how a real Pen-test should be conducted and
contain, and would like to contribute to the discussion I would check
out the page below. 


http://www.vulnerabilitydatabase.com/2011/05/pen-test-standard-alpha-rel
eased/

Z

Edward E. Ziots
CISSP, Network +, Security +
Security Engineer
Lifespan Organization
Email:eziots at lifespan.org
Cell:401-639-3505



-----Original Message-----
From: websecurity-bounces at lists.webappsec.org
[mailto:websecurity-bounces at lists.webappsec.org] On Behalf Of Pete
Herzog
Sent: Monday, June 20, 2011 3:42 PM
To: websecurity at webappsec.org
Subject: [WEB SECURITY] How to Pen Test Crazy

The current security model is crazy. And the current crazy testing 
methods actually make it look like it's not. I think that's why so 
many people fail to see how broken the current consumer-ready security 
model is. Look at the current attacks and how security companies, even 
HUGE ones with their security measures and countermeasures built on 
this model are letting the people hang.

This is how to pen test that scenario. This is how to pen test crazy.

The whole article is available at:

https://www.infosecisland.com/blogview/14651-How-to-Pen-Test-Crazy.html

Sincerely,
-pete.

-- 
Pete Herzog - Managing Director - pete at isecom.org
ISECOM - Institute for Security and Open Methodologies
www.isecom.org - www.osstmm.org
www.hackerhighschool.org - www.badpeopleproject.org

_______________________________________________
The Web Security Mailing List

WebSecurity RSS Feed
http://www.webappsec.org/rss/websecurity.rss

Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA

WASC on Twitter
http://twitter.com/wascupdates

websecurity at lists.webappsec.org
http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.
org




More information about the websecurity mailing list