HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 107 guests and 2 members online
EH-Net News Feeds
Latest Additions
 
Advertisement

You are here: Home arrow Forum arrow Featuresarrow Opinionsarrow Bruce Schneier and Marcus Ranum on Pen Testing
EH-Net
February 10, 2012, 04:06:50 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Advertise on EH-Net!! - Reasonable Rates, Highly Targeted Audience.
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Bruce Schneier and Marcus Ranum on Pen Testing  (Read 6465 times)
0 Members and 1 Guest are viewing this topic.
CadillacGolfer
Newbie
*
Offline Offline

Posts: 36


View Profile
« on: March 16, 2007, 07:48:54 AM »
Anyone see this months issue of Info Sec magazine? 

Bruce Schneier and Marcus Ranum did a face off piece on Penetration testing.  Not exactly a glowing recommendation of the profession.  At some level, I have to agree with what they say though.
Logged
oleDB
Recruiters
Full Member
*
Offline Offline

Posts: 236



View Profile WWW
« Reply #1 on: March 16, 2007, 08:46:29 AM »
Here is direct link

http://informationsecurity.techtarget.com/magItem/0,291266,sid42_gci1245619,00.html

After reading it, its pretty obvious neither of them are big proponents of pen testing. It makes sense on some level, if your not going to do anything with the report, why bother spending the money. The only reason is for it then would be compliance issues. I personally think pen testing does provide some value, but the market is flooded with below average pen testers which waters down the effectiveness of it. Also, I think simply coming in and reviewing and revising IT processes like patching, best practices, and IR policy is more effective then a network pen test in the long run.
« Last Edit: March 16, 2007, 09:53:28 AM by oleDB » Logged
CadillacGolfer
Newbie
*
Offline Offline

Posts: 36


View Profile
« Reply #2 on: March 16, 2007, 10:00:15 AM »
I agree
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.16 | SMF © 2011, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.221 seconds with 23 queries.
 

gk_static-ad_feb2012.jpg
Global Knowledge Training: Build Security Skills to Protect and Defend

offsec_130x200-2_jan-feb2012.png
Offensive Security
AWE Live in the Caribbean!
March 5 - 9, 2012

SANS Deals 4 EH-Netters
$150 OFF Any SANS Course in Any Format!
Coupon Code: Refer_EHN
Including SANS Phoenix 2012, SANS 2012
Recent Forum Topics

cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!

Vote For EH-Net

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2012 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.