[attrition] Five Dollar Security; You Get What You Pay For
security curmudgeon
jericho at attrition.org
Mon Jan 2 03:04:07 CST 2012
http://attrition.org/security/rants/you_get_what_you_pay_for/
Five Dollar Security; You Get What You Pay For
Mon Jan 2 03:00:32 CST 2012
The old phrase "If it looks too good to be true, it probably is" is very
common, and usually well founded. After seeing an offer for a $5 "security
status" of a website, we just had to test it out. Since the service is
being offered by a Certified Ethical Hacker (C|EH) with 13 years of
experience, who has "wrote professional tools for the job", we expected
the results of a commercial vulnerability scanner such as Nessus, Nexpose,
or OpenVAS at the very least.
[..]
More information about the attrition
mailing list