Don't bother. It's security theater. It easy to run automated tests, but the chance it will actually catch something that you wouldn't know about by reading the proper security mailing lists is negligible. These days most malware gets in through end users doing stupid things. China hacked Google with a phishing attack. There's no completely technical solution for that. Educate users as best you can. If there's sensitive data on your network, make sure only people who need access have access. Assume that your network will be compromised. Have a strategy to restore things quickly when that happens. Tal Cohen <wlug@cohen123.com> wrote:
I need a penetration tester (individual or firm) to run some tests against my network.
Anyone have any recommendations they care to share?
Thanks!
Tal
_______________________________________________ Wlug mailing list Wlug@mail.wlug.org http://mail.wlug.org/mailman/listinfo/wlug