http://blog.clearnetsec.com/articles/tag/assessments en-us 40 <p>There is nothing I’ve seen recently to promote a valuable exercise to do after receiving a security assessment. That is, as the client, <b><i>what did you see?</i></b> </p> <p> Did you have anything alert you? If so, what did it suggest? Did you have enough information to piece together what was happening? <i>(Bonus: do you know which tools were fired towards your IPs?)</i> </p> <p> The majority of my clients have no clue if anything occurred. That’s bad. Businesses which have little to lose may decide to ignore investing in monitoring and detection, but for others it’s turning a blind eye. </p> <p> I’m going to dig a little deeper on future exit calls to get more information. I often ask clients if they detected any strange behavior, but there is definitely more room to expand the discussion. </p> Wed, 05 Sep 2007 19:37:00 -0600 urn:uuid:24cb4f05-698b-44aa-8bef-cd848ee81b28 tate@ClearNetSec.com (Tate Hansen) http://blog.clearnetsec.com/articles/2007/09/05/anything-alert-you ClearNet Security Tate Hansen ClearNet security assessments penetration testing logs detection