[VOIPSEC] voipscanner.com in beta - SaaS VoIP Security Scanning
Dustin D. Trammell
dtrammell at breakingpoint.com
Tue Apr 7 13:27:22 CDT 2009
On Tue, 2009-04-07 at 19:45 +0200, Sandro Gauci wrote:
> It might have to be a bit different because of voip consultants making
> use of such a system, but I like the model. Agreed, that would be a
> good start.
Security consultants generally require a hold-harmless agreement (i.e.,
get out of jail free card) when doing penetration tests, assessments, or
audits for a customer. Given the previous process to verify that the
customer owns particular IP address space, the consultant can prove that
they are authorized to target that company's address space via their
hold-harmless agreement with that company, or the company can provide
them an authorization letter, which they could then provide to you, and
you could verify it's authenticity with the company.
--
Dustin D. Trammell
Security Researcher
BreakingPoint Systems, Inc.
More information about the Voipsec
mailing list