Security Ripcord » Blog Archive » Initial Assessment and Pentesting Stages

Security Ripcord

Pages
Poll
Should companies that have experienced a data breach be required to disclose this fact on their websites?
- Yes, this would be very helpful.
- Yes, but for only one to three years.
- No, this would have no value.
- Absolutely not!! The business is the victim not the criminal.
View Results
Associations
Recent Posts
Archives
Categories
- Apple
- Assessment
- atlas
- BackTrack
- Blogging
- Breaches
- Bunny Ranch
- Business Continuity
- CCDC
- CISecurity
- Comic
- Conferences
- consulting
- Core Impact
- Corpus Christi
- Data
- DefCon
- DHS
- Disassembly
- Disaster Recovery
- Education
- EHN
- Email
- Emotional
- Encryption
- Ethics
- Exploits
- F-Response
- Feeds
- Firefox
- Firewalls
- forensics
- Hacking
- Helpful
- IDS
- Incident Response
- InGuardians
- Interviews
- Into The Boxes
- Kudos
- Leadership
- Levels of Awareness
- Linux
- Logging
- Login Warning Banner
- Malware
- Management
- McKeay
- Memory
- Metrics
- Microsoft
- Mystery Box Challenge
- Network Diagrams
- Networking
- NIST
- NMap
- Obscurity
- Paros Proxy
- Passwords
- Patch Management
- PDC
- Penetration Testing
- Personnel Behavior
- Podcast
- police
- Policy
- Poll
- Presentations
- Professionalism
- Programming
- Risk
- ROSI
- SANS
- SCRUM
- Security
- Security Catalysts
- Security Vendors
- Sensitive Information
- Snort
- Sourcefire
- Speaking
- SSH
- Texas
- Thin Clients
- Tools
- Twitter
- Uncategorized
- Unix
- Update
- USMC
- UTM
- Virtual Machines
- Vulnerability
- Web
- Weekly Wrap-up
- Wordpress
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported.

SBN Lijit Search
Lijit Search
RSS Feed
State of the Internet
Training Support

Help support my training and travel to security conferences. Get your SANS Training and GIAC Certifications through the Security Ripcord.
Security Bloggers Network
Blogroll
PodCasts
Security
- SANS/GIAC
Recent Comments

Initial Assessment and Pentesting Stages

June 5th, 2007 cutaway Posted in Uncategorized | No Comments » 948 views

Jeremiah Grossman’s content is always spot on. This time he has provided us with a great tutorial for how to begin an assessment or penetration test. In his latest post titled “How to find your websites (Road to Website Vulnerability Assessment part 1)” he outlines some methods for identifying and validating your targets. Although his guidance is generated for web assessments these steps, as I have already stated, are a great start and should be incorporated into your assessment or penetration test plans.

If you haven’t yet, you should definitely add Jeremiah to your feed list or blogroll.

Go forth and do good things,
Cutaway

Technorati Tags: Security Ripcord, security assessments, penetration testing, pentesting, Jeremiah Grossman

Help support my training and travel to security conferences. Get your SANS Training and GIAC Certifications through the Security Ripcord.

Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported.

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

« The Indians Got The Small Business

Dear Senator: Weather Satellites are Critical Assets »