Penetration Testing
Re: JIRA Pentest Oct 18 2011 09:05PM
Bog Witch (iambogwitch gmail com)

Sorry, I think you misunderstood. I am looking for a company (or
contractor) that has recent, specific experience of testing a JIRA
installation for a potential short-term contract for a friend of mine.
I appreciate that I could DL and install or even mirror the
installation but he is hoping to have a professional test done rather
than the 'enthusiastic amateur' test that I would perform as I do not
have experience of JIRA specifically.



On Tue, Oct 18, 2011 at 8:54 PM, <securityfocus (at) rawchaos (dot) com [email concealed]> wrote:
> The free version of Jira (I believe it's a 30 day trial) is exactly the same as the commerical product.  The only difference between all of the download pay versions is how many user licenses you are allowed (so the $10 version would be just as good if you need more than 30 days).
> The hosted (managed) versions of Jira will probably be different, but I doubt that is what you are looking to do research on.
> Aside from that it's a pretty standard Tomcat application.
> -a
> On Tue, Oct 18, 2011 at 04:28:34PM +0100, Bog Witch wrote:
>> All,
>> Is there anyone on this list with commercial JIRA pentest exposure?
>> Please email responses directly.
>> Thanks,
>> Bog


This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus