Zodiac
A late reply... but my two-pence is that the most important thing you
should do is take up several customer references from each of the vendors.
There's several firms offering testing (big accountancy firms down to small
security specialists) who don't actually do a lot more than run
standard tools, or who don't do enough tests a year to have built up enoigh
expertise - so ensure a detailed phone chat with customers first.
Here at NTA Monitor, we test more organisations round Europe than
anyone else, and always prefer it when prospects want to talk to several
references - we let prospects select the companies off of our client
list that they'd prefer to talk to - so they can be sure they get a valid
reference.
Deri Jones
www.NTA-Monitor.com
At 04:21 15/02/01 -0800, Zodiac Mars wrote:
>We are a large financial institution, we are looking
>for doing a regular external penetration test from the
>internet to the DMZ servers. Could you help in
>recommending/suggestions in the criteria that we
>select the right vendor(s). Also I appreciate if you
>can recommend vendor(s)that you have experience with.
Deri Jones
www.NTA-Monitor.com
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
