Home Forums Features Opinions Bruce Schneier and Marcus Ranum on Pen Testing

Bruce Schneier and Marcus Ranum on Pen Testing

Viewing 2 reply threads
  • Author
    Posts
    • March 16, 2007 at 12:48 pm #1174
      CadillacGolfer
      Participant

      Anyone see this months issue of Info Sec magazine? 

      Bruce Schneier and Marcus Ranum did a face off piece on Penetration testing.  Not exactly a glowing recommendation of the profession.  At some level, I have to agree with what they say though.

    • March 16, 2007 at 1:46 pm #11900
      oleDB
      Participant

      Here is direct link

      http://informationsecurity.techtarget.com/magItem/0,291266,sid42_gci1245619,00.html

      After reading it, its pretty obvious neither of them are big proponents of pen testing. It makes sense on some level, if your not going to do anything with the report, why bother spending the money. The only reason is for it then would be compliance issues. I personally think pen testing does provide some value, but the market is flooded with below average pen testers which waters down the effectiveness of it. Also, I think simply coming in and reviewing and revising IT processes like patching, best practices, and IR policy is more effective then a network pen test in the long run.

    • March 16, 2007 at 3:00 pm #11901
      CadillacGolfer
      Participant

      I agree

  • Author
    Posts
Viewing 2 reply threads
  • You must be logged in to reply to this topic.

EH-Net - New Member Offer - Free eLS PTS Barebone Ed

EH-Net TV - Column Header

Upcoming Webinars

EH-Net Live! Still finalizing the details, so Stay Tuned for our next webinar coming on Thurs March 19 @ 1:00 PM EST. Reg Open Next Month!

EH-Net Live! January 2019 - A Perfect Crime

Past Webinars

EH-Net Live! AugustVideo & Deck Available Now! for “Shellcode for the Masses” w/ John Hammond from Jan 29.

EH-Net Live! DecemberVideo & Deck Available Now! for “Burp-less Hacking – Learning Web Application Pentesting on a Budget” w/ Phillip Wylie from Dec 19.

EH-Net Live! NovemberVideo & Deck Available Now! for “All Things CTF!” w/ Ray Doyle of EverSecCTF from Nov 21.

EH-Net Live! OctoberVideo & Deck Available Now! for “Hacking Humans” w/ Hadnagy, Paul & Baron from Oct 29.

See all EH-Net Live! Videos

More on the EH-Net YouTube Channel

Upcoming Events

  1. RSA Conference 2020

    February 24 - February 28

  2. Kernelcon 2020

    March 25 - March 28

  3. InfoSec World 2020

    March 30 - April 1

  4. NolaCon 2020

    May 15 - May 17

  5. Blue Team Con 2020

    June 20 - June 21

View All Events

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?