Penetration Test Vendors - The List

George Bonser gbonser at seven.com
Tue Jul 6 17:24:35 UTC 2010


Quite a varied list.  As one respondent put it (possibly paraphrased)
"security testing is like underwear, everyone has their own preference".
In this case we are likely to go with one of the vendors suggested by
our client who has done work for them before and who they feel
comfortable with.

Thanks for your feedback, everyone, and I hope I didn't miss any.


VZB (Verizon Business)
IBM ISS (multiple positive)
SecureWorks MSS (multiple positive recommendations, multiple negative)
Sysnet (sysnet.ie)
Deloitte (reported poor result)
British Telecom Managed Services
Mandiant
Inguardians (multiple positive)
Metasploit
Rapid7
BreakingPoint
Counterpane
MWR Infosec
Corsaire
KPMG (negative)
Vulnerability Research Labs
C2 Company
Fishnet Security
Neohapsis
Trustwave/Ambiron (multiple positive, multiple negative)
Terremark
Qualys
Foundstone
Netcraft
Patch Advisor
Praetorian Global
Netragard
Enclave
Core Security Technologies
Matasano
Stach & Liu
Gotham Digital Science
Secure Network Technologies




More information about the NANOG mailing list