Hi, You should take a look on Open Source Security Testing Methodology (OSSTMM). It enumerates things to do or not to [ link; http://www.osstmm.org or http://www.isecom.org ] Also, guys from vulnerabilityassessment.co.uk has a very good checklist (called Pre Site Inspection Checklist) http://www.vulnerabilityassessment.co.uk/Presite%20Inspection.html Hope this helps you out. Security-Database.com Team > I am chartered with having a connection pen-tested. I'm trying to > determine the requirements for a statement of work for outsourcing. > > The objective of the pen-test is to validate technical controls that > prevent unauthorized access to and from our network. > > Does anyone have a standard SOW for this type of testing? > > > ------------------------------------------------------------------------ > This List Sponsored by: Cenzic > > Need to secure your web apps? > Cenzic Hailstorm finds vulnerabilities fast. > Click the link to buy it, try it or download Hailstorm for FREE. > > http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------ |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [New Tool]PReplay - A pcap traffic replay tool, crazy frog crazy frog |
|---|---|
| Next by Date: | Novell Password Cracking Issue, orwell6717 |
| Previous by Thread: | Pen-Test requirements, bigsteff_itsec |
| Next by Thread: | Announcement: The Cross-site Request Forgery FAQ, bugtraq |
| Indexes: | [Date] [Thread] [Top] [All Lists] |