cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 
Advocate II

Get Out of Jail Card?

If you accept a penetration test contract, make sure that your get-out-of-jail-card contract is not only rock solid, but also very specific about what you are expected to do, and who will know about it at the contracting organization, and exactly what to do if you are discovered during the test.

 

This advice is particularly critical of you include physical penetration testing.

 

Men arrested for breaking into Dallas County Courthouse after judicial branch hires them to test 'vu...
Anna Spoerre, Des Moines Register Published 5:05 p.m. CT Sept. 11, 2019 | Updated 5:41 p.m. CT Sept. 11, 2019

"Authorities later found out the state court administration did, in fact, hire the men to attempt "unauthorized access" to court records "through various means" in order to check for potential security vulnerabilities of Iowa's electronic court records, according to Iowa Judicial Branch officials."

...

"The men were employed with Coalfire, a cybersecurity advisor headquartered out of Colorado, Iowa Judicial Branch spokesman Steve Davis confirmed. "

 

 

Dr. D. Cragin Shelton, CISSP
Dr.Cragin@iCloud.com
https://CraginS.blogspot.com/
My Community Profile
My LinkedIn Profile
1 Reply
Highlighted
Contributor II

Re: Get Out of Jail Card?

I have successfully with and had good success with Coalfire so I am surprised they overlooked the GOOJFC so easily. If nothing else its something beaten into your head in certain SANS training courses.

 

- B/Eads