As the information security officer for a financial institution, what questions should I ask prospective penetration testing consultants before I agree to the test?
While this list isn't exhaustive, here are a few that I would ask:
Also, a good paper to read on this subject is, "Penetration Testing -- Is it right for you?", by Jimmy Braden, available on the SANS Institute site.
For more info on this topic, please visit these SearchSecurity.com resources:
Dig Deeper on Security Testing and Ethical Hacking
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.