tag:blogger.com,1999:blog-422477430134849438.post1613778695357304836..comments2017-09-03T06:52:32.497-07:00Comments on Netragard's SNOsoft Research Team: Followup to my last Brian Chess - Fortify Software post.Adriel Desautelshttp://www.blogger.com/profile/16119732948300414743noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-422477430134849438.post-15215097586071955402009-01-06T08:17:00.000-08:002009-01-06T08:17:00.000-08:00Wolf, thanks for the comment but I can't say that ...Wolf, thanks for the comment but I can't say that I agree. It seems to me that people have lost sight of what a real penetration test is. If that was not the case then you, like the rest would understand that penetration testing can not be made obsolete. <BR/><BR/>With respect to your question, you are making a fatal assumption. The security technology is a product of research that has been done by hackers. Hackers will evolve, we always do, and will defeat any security technologies that are created. You must also remember that security technologies are by their very design reactive and as a result will always be a few steps behind the hackers. So your question "Why bother doing the hard job of actually learning how to be a real hacker (penetration specalist) if you are pretty sure that some application is going to make your specialty obsolete?" is factually inaccurate. No technology can make our specialty obsolete and with respect to that I've challenged Brian Chess but have yet to have my challenge accepted. <BR/><BR/>The fact of the matter is that if Brian Chess does accept our challenge we'll break in. There are many ways to hack into networks, web applications aren't the only gateway and they are most certainly not the easiest. You're forgetting about other powerful tools that we have in our arsenal.Adriel Desautelshttps://www.blogger.com/profile/16119732948300414743noreply@blogger.comtag:blogger.com,1999:blog-422477430134849438.post-5243476490162781032009-01-06T03:07:00.000-08:002009-01-06T03:07:00.000-08:00It seems to me that this prophesy of the end of pe...It seems to me that this prophesy of the end of penetration testing is designed to test the resolve of potential pen-testers or hackers to go the whole route. Why bother doing the hard job of actually learning how to be a real hacker (penetration specialist) if you are pretty sure that some application is going to make your specialty obsolete? <BR/>This clears the field of some potential competition, but puts a lot more unqualified testers out there who can operate metasploit.Wolf X Haltonhttps://www.blogger.com/profile/03241874006489413079noreply@blogger.com