Penetration Testing

VBN · 27 Sep 2011 at 13:52

Hi

Was wondering if anyone can recommend a 3rd party for doing external penetration testing.

Thanks

playworker · 27 Sep 2011 at 13:54

The company I work for uses these guys: http://www.ecsc.co.uk/

ruffneck · 28 Sep 2011 at 10:36

We used PortCullis http://www.portcullis-security.com/

Can't recomend them enough.

edscdk · 28 Sep 2011 at 10:37

watched some videos about "the casting couch" he does penetration testing, but its more internal than external....

MasterPlan1 · 28 Sep 2011 at 11:06

edscdk said:
watched some videos about "the casting couch" he does penetration testing, but its more internal than external....

teehee, I was about to say the same thing.

martynbez · 28 Sep 2011 at 13:55

try these:

http://www.randomstorm.com/

Ev0 · 28 Sep 2011 at 17:11

One's I've dealt one way or another that seem decent

Portcullis
NGS Secure
ECSC

Also not dealt with first base but have met the guy who runs it and was a good chap.

Praetorian · 28 Sep 2011 at 18:07

I would say the guys I work for, as one of their Senior Consultants, but I don't want to break any kind of rule ... if any but would rather stay safe rather than be sorry

kefkef · 28 Sep 2011 at 18:20

We've used Sapphire most recently, quite good reports at the end of it.

Ev0 · 28 Sep 2011 at 18:24

Praetorian said:
I would say the guys I work for, as one of their Senior Consultants, but I don't want to break any kind of rule ... if any but would rather stay safe rather than be sorry

And who is that? (see I've asked you who you work for now so you can say

)

kefkef said:
We've used Sapphire most recently, quite good reports at the end of it.

I've not used them myself but a close friend has and likes them.

Praetorian · 28 Sep 2011 at 18:27

Information Risk Management (IRM) are the guys I currently work for Ev0. Been there nearly 3 years and do pretty much all of the service lines there so PCI, App/Infrastructure testing, physical security, ISO27001 + others ... to much to list

Check http://www.irmplc.com

Ev0 · 28 Sep 2011 at 18:29

Cool

Only ask as have been in discussions with a few companies about going to work for them and wondered if you were at one of them (you're not though

)

J.B · 28 Sep 2011 at 18:30

ruffneck said:
We used PortCullis http://www.portcullis-security.com/

Can't recomend them enough.

I've been out drinking with the portcullis guys, they are good fun.

Hire me!

Seriously, email me if you want to talk about it.

Praetorian · 28 Sep 2011 at 18:32

Do you mind if I ask who they would be? I've been in the industry since 2003, and security since 98, so I know quite a few of the peeps out there apart as its a really close nit industry .. almost incestuous

Ev0 · 28 Sep 2011 at 18:32

J.B said:
I've been out drinking with the portcullis guys, they are good fun.

I know a couple of them too, nice chaps.

On a little bit of a tangent, any companies people would recommend avoiding?

Praetorian said:
Do you mind if I ask who they would be? I've been in the industry since 2003, and security since 98, so I know quite a few of the peeps out there apart as its a really close nit industry .. almost incestuous

Check your email

Praetorian · 28 Sep 2011 at 18:43

Shall do .. not got anything yet though

Ev0 · 28 Sep 2011 at 18:44

hmm I sent it through trust, shall I just email the hotmail account in your trust?

Praetorian · 28 Sep 2011 at 18:48

Knowing my luck, that's probably an old email address even though everything looks fine in UserCP.

Drop me a mail at dino{@}65535 . co . uk

Remove the {} and spaces though hehe

Edit: Yep it was

Correct email address is now in trust

Ev0 · 28 Sep 2011 at 18:51

lol done, cheers

Praetorian · 28 Sep 2011 at 19:17

And replied

More than welcome .. as I said in the email, fell free to ask away anything else