No, unfortunately there is not a new wacky way to conduct penetration tests using one of Amazon's services.
However, there is a new wacky way to try to sell penetration tests/vulnerability assessments!
By trying to sell them on Amazon!
Because we all know when a company is looking for a security assessment, Amazon is the first place they go looking, right? That way you can compare prices easy, get a discount with your Amazon card, and even get it gift wrapped if you like! (Perhaps you can even get a used pen test that some 3rd party is selling for a fraction of the price!)
LAC (the Little eArth Corporation), one of the biggest security vendors in Japan has started selling web security assessments via amazon.jp yesterday. (2009/2/18)
The prices start out at around $500USD for a basic scan to make sure your site is not vulnerable to SQL Injection and XSS.
This is actually not the first time some crazy people had a go at this.
Two years ago, an organization got my company to do the exact same thing on Rakuten, the "Japanese version" of Amazon. (Well, Amazon.jp is actually the Japanese version of Amazon but it is kind of similar, its a huge online shopping mall.) We knew no one in their right mind would buy a pen test from a place like that but figured it wouldn't do any harm so we let the organization do as they pleased.
Needless to say, no one came knocking on our doors for a gift wrapped pen test.
Source:
http://itpro.nikkeibp.co.jp/article/NEWS/20090218/324969/
0 件のコメント:
コメントを投稿
Please leave me feedback..