I have seen this in a University setting. The Unix side of the house said this was all that was needed the Windows side said BS but since most of Management liked the lack of real cost they took the Unix sides word and that became law.
Jon On Mon, Mar 5, 2012 at 8:12 AM, Ziots, Edward <[email protected]> wrote: > Not sure if anyone on the list is responsible for Vul Scanning in their > organizations/business or Pen testing there systems, but it still blows my > mind that we have folks out there providing services to organizations and > business calling the output from a Qualys or Nessus vulnerability scanner a > Pen-test. I am current been going through someone else work for about 1.5 > weeks validating the scanners findings on the systems, so I can get working > on slimming down a 225 page report to something that is realistic and > achievable. **** > > ** ** > > Sorry about the rant, it isn’t how I wanted to start my Monday morning. ** > ** > > ** ** > > Z**** > > ** ** > > Edward Ziots**** > > CISSP, Security +, Network +**** > > Security Engineer**** > > Lifespan Organization**** > > [email protected]**** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
