×
The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.
Whether or not the company has IBM i knowledge is not important. Their goal is to do the same penetration testing they would do on any other system. You probably do not know enough to discuss "scope". Not being negative on anyone but these penetration companies know a lot more about what hackers would try to get into your system than the average IT manager does. The only scope would be an internal test versus an external test. You should do both. There are some items you may tolerate internally you would not tolerate externally. Then again, you also should not ignore all items flagged internally. Someone's PC could easily get hacked and that could attack your other systems.
Many of these PT's will return reports with many graphs. By frequency, severity, etc. They should be doing repeated testing. Perhaps monthly. Sometimes you can add exceptions, but I wouldn't go overboard on that.
Rob Berendt
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
[javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
