NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Pen-test> 2009-07

Re: Verify Your Security Provider -- The truth behind manual testing.

From: Adriel T. Desautels (ad_listsnetragard.com)
Date: Fri Jul 17 2009 - 19:50:25 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

You are an individual researcher. And why might I ask do you need to
hide behind an alias? If you
do research that is both legal and ethical and if you follow the best
practices that you can follow, then
why wouldn't you want your name associated with your hard work?

On Jul 17, 2009, at 8:21 PM, Stack Smasher wrote:

>
> I think this discussion is seriously flawed. I am a security
> researcher who uses several different online aliases when I am
> interviewed so I can speak without the fear of corporate or legal
> repercussions. My professional person is never tied to my online
> presence.
>
>
> I like it better that way.
>
>
>
>
>
> On Fri, Jul 17, 2009 at 7:05 PM, Tim <tim-
> pentestsentinelchicken.org> wrote:
> > Anyway, I didn't say Only use facebook did I? Use any means
> > possible. Bottom line is though, if the company has researchers,
> then
> > the company will have published advisories. If they've done that,
> then
> > you should be able to get a good idea of their capability by doing
> > research on their research.
>
> Yeah, I agree that something novel should be getting generated.
> Perhaps a better way to go about obtaining it, is simply to ask your
> vendor what research their consultants have published. For instance
> most of what I publish isn't tied directly to my company as I do quite
> a bit of it on my own time.
>
>
> > Btw, if you comment on the blog, I might post it. :)
>
> Call me old school, but I actually like mailing lists...
>
> cheers,
> tim
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification
> Review Board
>
> Prove to peers and potential employers without a doubt that you can
> actually do a proper penetration test. IACRB CPT and CEPT certs
> require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------
>
>
>
>
> --
> "If you see me laughing, you better have backups"
>
>

        Adriel T. Desautels
        ad_listsnetragard.com
         --------------------------------------

Subscribe to our blog
http://snosoft.blogspot.com

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]