Penetration Testing
confidentiality agreement Jul 10 2012 09:14PM
Daniel Calvo Castro (daniel calvo kernelsecurity es) (1 replies)
Re: confidentiality agreement Jul 11 2012 05:39PM
Juan F. Campos - Computalleres.com (jfcampos computalleres com)
Hi,

You should contact a lawyer. What works in a county "x" might not apply
in country "y". Also check these links:

PTES
http://www.pentest-standard.org/index.php/Pre-engagement

SecList
http://seclists.org/pen-test/2005/Jun/307

http://www.pwcrack.com/penetration_contract.shtml

NOTE: No estoy seguro si lograrás encontrar un modelo en español, pero
los enlaces anteriores pueden ayudarte. Aunque creo que por aqui
teníamos uno que usamos nosotros mismos, déjame ver.

Creo que es mejor desarrollarlo así estás bien pero bien claro del
ámbito de tu servicio.

Básicamente, lo que debes dejar plasmado es que manejaras todo con mucha
confidencialidad y que las fallas que puedan ocurrir a causa de los
exploits/ataques que hagas no son tu responsabilidad.

Regards,

Juan F. Campos

On 07/10/2012 03:14 PM, Daniel Calvo Castro wrote:
> Hi all list,
>
> I would ask to pentesters if someone could send me or point me to get
> a good Spanish confidentiality agreement model between the parties,
> client and company to perform a pentest.
>
>
> Thanks in advance,
>
>
> Cheers !
>
> ------------------------------------------------------------------------

> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

>

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus