The Ethical Hacker Network

Latest Additions

Who's Online

EH-Net Donations

Google Ads

ChicagoCon 2008f

EH-Net News Feeds

Latest Additions

Book Recommendations

Ethical Hacker Community Forums

October 06, 2008, 06:03:28 PM

Welcome, Guest. Please login or register.
Did you miss your activation email?

News: Registration Now Open for ChicagoCon 2008f Oct 27 - Nov 2! Visit www.chicagocon.com.

Ethical Hacker Community Forums > Ethical Hacking Discussions and Related Certifications > Network Pen Testing (Moderator: don) > Industry Regs

Pages: [1] Go Down

« previous next »

	Author	Topic: Industry Regs (Read 728 times)
0 Members and 1 Guest are viewing this topic.

Artful Dodger

Newbie

Offline

Posts: 19

Industry Regs

« on: May 07, 2008, 02:04:29 PM »

Hi everyone,
this should be an easy question, but I cant seem to find a good list. so I figured I would ask my new favorite site!

What industry regulations require Pen Testing? I know the sections in PCI, and I know HIPAA kinda almost suggests it. What other regs state that you must?


	Logged

RoleReversal

Sr. Member

Offline

Posts: 431

Re: Industry Regs

« Reply #1 on: May 08, 2008, 03:14:57 AM »

From my experience (BS7799/ISO27001 standards) pen testing isn't required for standards but it is the de factor standard for 'proving' your security posture is working. Basically if you don't do pen-testing you better have a good reason for not doing it and be able to explain to the auditors why you feel your systems are secure without standard testing.


	Logged

A little bit of sanity:
http://www.infosanity.co.uk

Pages: [1] Go Up

« previous next »

Jump to:

Support EH-Net

ChicagoCon 2008f

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.

Try CBT Nuggets Free!

Recent Forum Topics

News Items and General Discussion About EH-Net : [Article]-MS Blue Hat Hackers Headline Chicago Security Con (0) by don
OSCP - Offensive Security Certified Professional : Next Up OSCP101 v2.0 (8) by KrisTeason
Hardware : Encryption (3) by RoleReversal
Hardware : Cisco Security (5) by scucci
Other : Holiday Ideas (2) by don
Career Central : Help Getting Started (3) by dalepearson
Network Pen Testing : Hack me? (4) by dalepearson
Career Central : information security future (2) by dalepearson
Career Central : Computer Science degree vs. anything else? (3) by dalepearson
Network Pen Testing : What info can be obtained just from IP (6) by shakuni
News from the Outside World : Chertoff Pushes for Einstein 3.0 Cyber Counterattack System (0) by don
Murray : [Article]-Column 0: Human Exploitation 101 (2) by Kev
Forensics : career in computer forensics (7) by BillV
Tools : ServifyThis (8) by ChrisG
Other : Exploit Questions (10) by ChrisG
Tools : Cain & Abel v4.9.23 Released (0) by don
Wireless : IP address (4) by shednik
Malware : New DOS Attack Is a Killer.. (from Dark Reading) (6) by RoleReversal
Malware : Whitehat rootkits to prevent theft? (13) by Kev
Wireless : need info about hackin (3) by zals_hacker7
Wireless : Elvis Comes Back from Dead to Prove RFID Passports Lack Security (0) by Fathercat
Other : What Security Podcasts? (5) by slimjim100
Tutorials : Alright... (11) by shednik
Other : HIPAA Equivalent in the UK? (1) by NickFnord
Tools : SysInternals Update (0) by RoleReversal

ChicagoCon 2008f

ChicagoCon 2008f Support EH-Net by Buying all of your Amazon items using the search bar above. Try CBT Nuggets Free!

ChicagoCon 2008f

ChicagoCon 2008f

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.

Try CBT Nuggets Free!