August 23, 2015 at 9:59 am
We're currently using a 3rd party to do our penetration testing on a quarterly basis and, to be honest, it's expensive. I Googled for penetration testing software (both free and paid for) and there are an insane number of such offerings.
With that in mind and for those of you doing your own penetration testing, do you have any recommendations that I could check on to narrow down my search a bit?
Thanks for the help folks.
--Jeff Moden
Change is inevitable... Change for the better is not.
August 24, 2015 at 11:34 am
Heh... perhaps a better question would be, "Are any of you good folks doing penetration testing of your apps and/or your database servers"?
--Jeff Moden
Change is inevitable... Change for the better is not.
August 27, 2015 at 8:56 am
Jeff Moden (8/23/2015)
We're currently using a 3rd party to do our penetration testing on a quarterly basis and, to be honest, it's expensive. I Googled for penetration testing software (both free and paid for) and there are an insane number of such offerings.With that in mind and for those of you doing your own penetration testing, do you have any recommendations that I could check on to narrow down my search a bit?
Thanks for the help folks.
I am not involved directly with the penetration testing here but our switches keep denying everyone after a test. 🙂
Anyway what I wanted to bring up is, if you are doing certification then would not a 3rd party be needed?
August 27, 2015 at 9:13 pm
I guess it depends. Supposedly, if you can prove how you tested, you can be certified. I personally don't think it's worth the time to do it ourselves. Even with that negative thought on my part and even if we can't certify by doing it ourselves, it would be good and less expensive for us to be able to test to find things and fix them rather than the 3rd party finding them and us getting caught in the small but expensive loop of they find it, we fix it, they test again, oops, we didn't really fix it, we fix it again, wash, rinse, repeat.
It would be much less expensive if we found, we fixed it, and there was nothing for them to find.
--Jeff Moden
Change is inevitable... Change for the better is not.
August 28, 2015 at 4:28 am
Understand completely. There is also the we test, find, fix then get a certification test from 3rd party. (If needed)
Viewing 5 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply