Home > Ask the Security Experts > Questions & Answers > Considerations for hiring hacker teams for penetration testing
Ask The Security Expert: Questions & Answers
EMAIL THIS

Considerations for hiring hacker teams for penetration testing

Ed Skoudis EXPERT RESPONSE FROM: Ed Skoudis

Pose a Question
Other Security Categories
Meet all Security Experts
Become an Expert for this site
>
QUESTION POSED ON: 04 September 2002
I would like to know more about hacker teams who hire themselves out to companies to conduct permitted hacks of their systems. Where can I find information about them? What are the advantages and disadvantage of these teams of hackers?

>

Be very careful with this one! While there are many reputable companies who conduct so-called "penetration tests," there are also a lot of charlatans in this business. You need to do a thorough background check of any ethical hacking company you hire to penetrate your organization. You are giving these folks carte blanche to attack your systems. Ask them what their practices are regarding hiring ex-criminals. Ask them about their own background check procedure. Look for folks working at large, reputable consulting firms. Ask them about liability; what financial backing do they have if something goes awry?

Keep in mind, though, that penetration testing can be a very good thing, as it can help you find vulnerabilities before the bad guys do. The advantages include getting a "hacker's-eye" view of your security, where the rubber meets the road. The disadvantage is that your results will be a snapshot in time when you ran the test and won't reflect your environment next week. So, I recommend proceeding, but with caution.

For more information on this topic, visit these other SearchSecurity.com resources:
News & Analysis: Think twice about hiring a 'white-hat' hacker
News & Analysis: Audits confirm enterprise security
Featured Topic: Penetration testing

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
Browse our Expert Advice



Find Security Solutions for Your Business
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts