Reply to post: Re: hire a more reputable firm

From pen-test to penitentiary: Infosec duo cuffed after physically breaking into courthouse during IT security assessment

Pascal Monett Silver badge

Re: hire a more reputable firm

Agreed. I cannot fathom how supposed professional pen testers failed to be explicit about what their action included.

As usual, lack of communication creates a misunderstanding which transforms into full-blown disagreement.

One would think that experienced pen testers would have already encountered this kind of situation and amended their proposal procedures accordingly. Am I supposed to understand that these guys have never, ever had a customer argue about what was authorized in the test protocol?

Besides, I would think it is good marketing and a show of professionalism to list to the customer all the things the test will include. On top of that, had they done that they could shove the contract in the court's face and say: hey, you signed on this.
