Information Security/Penetration testing companies?

/usr/usr Member Posts: 1,768
I would love to get some sort of experience like this in my area, but there are no companies like this around here, within two hours at least. Which brings me to a question. Do most companies even perform regular security audits? If so, who performs them if there is no local company which specializes in the field?

Comments

  • WebmasterWebmaster Admin Posts: 10,292 Admin
    Do most companies even perform regular security audits? If so, who performs them if there is no local company which specializes in the field?
    I don't know how it is in the states, and if the situation improved any in the last two years, but I've worked at many large companies as well as small ones, and only one of them attempted to perform a security audit. The companies network specialist/designer performed the audit. But like I said, it was an attempt... hardly anything like what a CEH supposedly does...

    Now that I mention CEH... If you, like me, got enthusiastic by reading their brochure about job opportunities for a CEH, I think we'll both get dissapointed icon_wink.gif I might be wrong though, but I don't think 'most companies even perform regular security audits'.
  • /usr/usr Member Posts: 1,768
    I did, but I'm also generally interested in network security. Though I would love to get into security auditing, I know I would love any field associated with information security.

    I think it's something most companies just don't consider, but most likely should. Of course, if you have the necessary skill level to perform or participate in an audit, then perhaps if you approach them with the proposition, maybe they would listen.
  • garv221garv221 Member Posts: 1,914
    Webmaster wrote:
    [I might be wrong though, but I don't think 'most companies even perform regular security audits'.

    True. I think most companies, besides the Gov. don't really deal with network intrusion until an actual pentration occurs. Then they have an in house guy fix it. Because according to the rest of the company, IT can fix anything. icon_lol.gif
  • WebmasterWebmaster Admin Posts: 10,292 Admin
    I did, but I'm also generally interested in network security. Though I would love to get into security auditing, I know I would love any field associated with information security.
    Same here, it would be ideal for me to combine with what I do now. I have a lot of security related experience, but all as part of a sys/net admin/designer job role, which is just not good enough for the kind of job I'd like to have (penetration testing, although I think the forensics is darn interesting too).

    I think, apart from certs like the CEH, firewall and IDS certs (Cisco IDS, Cisco Pix, CCSA/E) may be a good step towards a penetration testing/sec auditing job.
Sign In or Register to comment.