Anyone have any suggestions for a decent vendor that provides network
penetration testing? We have a customer requirement for a third party
test for a certain facility. Have you used anyone that you thought did a
great job? Anyone you would suggest avoiding?
Replies can be sent off list and I will summarize any feedback I might
get from the community if anyone is interested.
George
I'm interested in a summary of what people suggest.
--Matt
Depends on where you are... I've used Sysnet in Europe (www.sysnet.ie) and
they are excellent. We used Deloitte (
http://www.deloitte.com/view/en_GX/global/services/enterprise-risk-services/security-privacy-resiliency/pcidss/index.htm)
in non-european countries, with not such a good result (but other people may
have different experiences).
Regards,
Ken
If I wanted someone to do this, I'd probably look at a security vendor
instead of a general purpose consulting firm.
Some examples off the top of my head might include IBM's ISS and
SecureWorks.
-Scott
Metasploit / Rapid7 (open source)
BreakingPoint Systems (commercial)
Chris
I use to use ISS on the last 4 year. They are very good. Helped us find many problem and suggest mitigation for each of them.
Secureworks MSS group, formerly VeriSign's MSS division, has a great
pentest group.
Best,
Marty
British Telecom managed services, Mandiant and Inguardians.
Verizon Business (formerly CyberTryst formerly ...)?
Verizon Business ( purchased the cybertrust group)