Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Dailydave] So when will the end of pen-tests begin?
From: Saad Kadhi (saaddocisland.org)
Date: Thu Nov 23 2006 - 02:18:28 CST
On Nov 23, 2006, at 5:48 AM, Isaac Dawson wrote:
> So when will these tests end? 5-10 years? 20? I know we will
> 'always' need security validation, but will customers
> be willing to spend the (sometimes insanely overpriced) amount for
> these types of tests?
> Is anyone else thinking about what they will do next? :)
Turning to risk-based security testing and working in an "inside-
>out" fashion for big software shops?
I don't think pen-tests will "end". Think about the actual trend of
distributed components, SOA etc. They may need recalibration (for ex.
by acquiring more knowledge beforehand on the inner guts of software
instead of a Black Box approach) and skills' honing but they still
and will remain an essential part of software security.
Saad Kadhi - http://saad.docisland.org/
"He who relieves the poor makes Ahura king"
Dailydave mailing list