The Ethical Hacker Network

Latest Additions

Who's Online

EH-Net Donations

Google Ads

ChicagoCon 2008s

EH-Net News Feeds

Latest Additions

Book Recommendations

Ethical Hacker Community Forums

July 04, 2008, 05:29:58 PM

Welcome, Guest. Please login or register.
Did you miss your activation email?

News: Podcasts and slide decks from ChicagoCon 2008s talks coming soon! Visit www.chicagocon.com.

Ethical Hacker Community Forums > General Discussions and Related Certifications > Ethical Hacking (Moderator: don) > Industry Regs

Pages: [1] Go Down

« previous next »

	Author	Topic: Industry Regs (Read 526 times)
0 Members and 1 Guest are viewing this topic.

Artful Dodger

Newbie

Offline

Posts: 14

Industry Regs

« on: May 07, 2008, 02:04:29 PM »

Hi everyone,
this should be an easy question, but I cant seem to find a good list. so I figured I would ask my new favorite site!

What industry regulations require Pen Testing? I know the sections in PCI, and I know HIPAA kinda almost suggests it. What other regs state that you must?


	Logged

RoleReversal

Sr. Member

Offline

Posts: 305

Re: Industry Regs

« Reply #1 on: May 08, 2008, 03:14:57 AM »

From my experience (BS7799/ISO27001 standards) pen testing isn't required for standards but it is the de factor standard for 'proving' your security posture is working. Basically if you don't do pen-testing you better have a good reason for not doing it and be able to explain to the auditors why you feel your systems are secure without standard testing.


	Logged

A little bit of sanity:
http://www.infosanity.co.uk

Pages: [1] Go Up

« previous next »

Jump to:

BackTrack2 VM w/ MSF3

Get it here NOW!

Support EH-Net

ChicagoCon 2008s

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.

Try CBT Nuggets Free!

Recent Forum Topics

Ethical Hacking : Ferret (4) by Kev
Hardware : laptop battery (0) by iSmith
Other : why i dumped adobe (0) by iSmith
Ethical Hacking : An Ethical Hacker must have these skills... (26) by renoboy
Ethical Hacking : tapeworm’s 1337 h4×0r h4ndb00k (11) by iSmith
Mass Media : Hacking and Technology Movies (5) by don
Malware : Messbots.exe ??? (2) by RoleReversal
News Items and General Discussion About EH-Net : [Article]-June 2008 Free Giveaway - Winner (16) by RoleReversal
Programming : HTTP 401 << AnyOne with HTTP ??? (4) by jimbob
Programming : Programming basics, variables, expressions and statements (9) by stevieb
Programming : Programming for Security Professionals (2) by shakuni
Other : Microsoft Hyper-V Now Available (0) by don
Looking For Work : Experience wanted (17) by sgt_mjc
Ethical Hacking : WORDPRESS KICKS TYPEPAD…ONE REASON WHY. (1) by jason
Ethical Hacking : New PCI DSS Requirement (2) by jason
Hardware : nokia n770 or n800 (6) by jason
Hardware : Cisco hardware as a learning platform (13) by jason
Links to cool sites. : XSS Filter. (1) by jason
Tools : Sysinternals Suite (1) by jason
Ethical Hacking : Appropiate encryption for file systems! (1) by jason
Other : Western Governors University - IT Security Emphasis Degree (13) by jason
Mass Media : Air Force's Cyber Command General's slashdot interview (16) by jason
News from the Outside World : That's a lot to read... (2) by jason
Incident Response : 2008 Data Breach Investigation Report (1) by jason
Calendar Of Events : DEFCON 16 (22) by Kev

ChicagoCon 2008s

ChicagoCon 2008s Support EH-Net by Buying all of your Amazon items using the search bar above. Try CBT Nuggets Free!

ChicagoCon 2008s

ChicagoCon 2008s

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.

Try CBT Nuggets Free!