| To: | pen-test@securityfocus.com |
|---|---|
| Subject: | Pen Testing Company and Legal Documentation |
| From: | "Ricardo Mourato" <ricardomcm@gmail.com> |
| Date: | Mon, 26 Feb 2007 20:33:41 +0000 |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | pentest-list2@consult.net |
| Delivered-to: | mailing list pen-test@securityfocus.com |
| Delivered-to: | moderator for pen-test@securityfocus.com |
| Dkim-signature: | a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=qL2lEd9r9uNUSsUKDEz5TL6DYseMELM06XX+rRqVFJ4WgMWEr/VCYwrMV82nIWtUesvM8dq/rmu6QuSgS1FfCi4ceviaLpWzEoR7cUwbYFQ5Tvkx8nafn+dPoIhjKEdkfmxuh4iZbUKEKRMySZby6yeclHyw+NhQTqgraErEG/w= |
| Domainkey-signature: | a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=mh+U4tZADf7QDREA0xkzZQo3dDhEQjW5qRJbfGNoJ+9ExRI1/fy7pFdUCIYsunO/AKpj+yIuTq4YY1NeXK9e4pKLXygz1g6YBs70AimzGR5zv99Fz1oAKKxvf2v/DA0sWDAhc02kz5OArMZGzQWhr73y3LR45eEtJp0kEyqSuMY= |
| List-help: | <mailto:pen-test-help@securityfocus.com> |
| List-id: | <pen-test.list-id.securityfocus.com> |
| List-post: | <mailto:pen-test@securityfocus.com> |
| List-subscribe: | <mailto:pen-test-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:pen-test-unsubscribe@securityfocus.com> |
| Mailing-list: | contact pen-test-help@securityfocus.com; run by ezmlm |
| Resent-date: | Mon, 26 Feb 2007 13:30:43 -0700 (MST) |
| Resent-from: | pen-test-return-1078483642@securityfocus.com |
| Resent-message-id: | <20070226203043.9343623B326@outgoing3.securityfocus.com> |
| Resent-sender: | listbounce@securityfocus.com |
| Sender: | listbounce@securityfocus.com |
hi folks, i'm thinking in creating a new department/service in my company. In this case focusing in penetration testing, nowadays we offer some services such as network consulting, VoIP, Server administration (Linux, BSD and windows) and other services that companys like my own do.. some of our customers frequently ask us about who can check if their networks are secure, check their security policies and other thinks, including penetration testing. my problem is, what documentation do i need to do this? i need some lawier to write any kind of agreement? or otherwise i can get into troubles? in more simple words, i think that i need papers (agreemnets, contracts, or whatever...) to do some penetration testing LEGALLY without getting on jail :P i'm correct? tnks in advice. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------ |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: question on escalating privileges via suid vulnerabilities, Andrea Purificato - bunker |
|---|---|
| Next by Date: | Good Pentesting checklist, fleetscribbler |
| Previous by Thread: | question on escalating privileges via suid vulnerabilities, John McGuire |
| Next by Thread: | RE: Pen Testing Company and Legal Documentation, Fontanez Martin |
| Indexes: | [Date] [Thread] [Top] [All Lists] |