Metasploit / Rapid7 (open source) BreakingPoint Systems (commercial) Sent from my mobile device... Chris On Jun 22, 2010, at 4:28 PM, "Scott Berkman" <scott@sberkman.net> wrote:
If I wanted someone to do this, I'd probably look at a security vendor instead of a general purpose consulting firm.
Some examples off the top of my head might include IBM's ISS and SecureWorks.
-Scott
-----Original Message----- From: Ken Gilmour [mailto:ken.gilmour@gmail.com] Sent: Tuesday, June 22, 2010 4:58 PM To: George Bonser Cc: nanog@nanog.org Subject: Re: Penetration Test Vendors
Depends on where you are... I've used Sysnet in Europe (www.sysnet.ie) and they are excellent. We used Deloitte ( http://www.deloitte.com/view/en_GX/global/services/enterprise-risk-services/ security-privacy-resiliency/pcidss/index.htm) in non-european countries, with not such a good result (but other people may have different experiences).
Regards,
Ken
On 22 June 2010 14:48, George Bonser <gbonser@seven.com> wrote:
Anyone have any suggestions for a decent vendor that provides network penetration testing? We have a customer requirement for a third party test for a certain facility. Have you used anyone that you thought did a great job? Anyone you would suggest avoiding?
Replies can be sent off list and I will summarize any feedback I might get from the community if anyone is interested.
George