I like it. It's short - which is a blessing in these things.
However, the bigger the company the easier it is to answer positively to a
general question. And generally people want to give you a positive answer.
SO, for a quick win make it shorter, but demand hard evidence that relates to
the
Nice idea. Has there been any test to see if the scores are actually
meaningful? Perhaps, running this question test on an org and then doing
a normal pentest to see if there is some correlation between (at least)
the severity of the results?
On Thu, Jul 3, 2014, at 04:44 AM, Pete Herzog wrote:
>
This looks like a valuable tool.
But I would suggest to rethink some of the question of trust metrics,
most importantly the first one.
Size of the vendor have nothing to do with the level of trust you should
have in it.
If you have ever worked in a shop which is not at the bottom of the food
chain
Hi!
I have been working on a means for testing parties that we may not be
able to legally directly test yet gives a clear answer for decision
making. The idea was to use an interview like a pen-test to get
information from the subject like a tester would where "asking them"
was considered just one
