: Hiring security auditors...what should I know? I want to hire someone to do a security audit of my website but I'm not sure how to go about it. Where are good places to look for an auditor?
I want to hire someone to do a security audit of my website but I'm not sure how to go about it. Where are good places to look for an auditor? Besides a list of referrals, what should I be looking for in an auditor? What qualifications should he/they have, and how can I verify them?
More posts by @Phylliss660
1 Comments
Sorted by latest first Latest Oldest Best
I'm going to suggest that you get yourself a copy of nessus and run the scans yourself. It should give you a good baseline to start with.
Why? Because many third party auditors are going to run this exact tool and won't really help you with interpreting the results any way.
If you use certain Verisign certificates, Symantec throws in some baseline vulnerability scanning as part of the cost. Other CAs may provide some of these services as well.
If you have a specific requirement like PCI Compliance, you can get a list of authorized scanning vendors with the caveat being that scanning results don't necessarily come with vulnerability management support (unless you pay extra).
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.