|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: [PEN-TEST] "Get out of Jail Free"
From: Gregory Luckman (g.luckman
E-SECURE.COM.AU)Date: Tue Oct 31 2000 - 18:10:09 CST
- Next message: Bennett Todd: "Re: [PEN-TEST] ios/cisco packet sniffer..."
- Previous message: Etaoin Shrdlu: "Re: [PEN-TEST] Dead Thread"
- In reply to: Gallicchio, Florindo (2007): "Re: [PEN-TEST] "Get out of Jail Free""
- Reply: Gregory Luckman: "Re: [PEN-TEST] "Get out of Jail Free""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ensure that the CIO is easily available by phone for conformation during the
audit. The intelligent integrator will assume that the letter is just a social
engineering attempt, and you don't want to be detained for a few hours until the
CIO is out of a meeting.
....Gregory
Quoting "Gallicchio, Florindo (2007)" <florindo.gallicchioESAVIO.COM>:
> In other words, the contract itself has the legal wording that gives us
> permission to do the security assessment, and we get a separate document
> for
> our auditors to carry with them when they're doing the social
> engineering/physical penetration test portion. A clearly written
> authorization letter from the client's CIO does the trick.
- Next message: Bennett Todd: "Re: [PEN-TEST] ios/cisco packet sniffer..."
- Previous message: Etaoin Shrdlu: "Re: [PEN-TEST] Dead Thread"
- In reply to: Gallicchio, Florindo (2007): "Re: [PEN-TEST] "Get out of Jail Free""
- Reply: Gregory Luckman: "Re: [PEN-TEST] "Get out of Jail Free""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]