New Pentesting TV Show Coming Out

By Daniel Miessler on December 21st, 2007: Tagged as Hacking | Pentesting | Security

This vérité action series follows Tiger Team – a group of elite professionals hired to infiltrate major business and corporate interests with the objective of exposing weaknesses in the world’s most sophisticated security systems, defeating criminals at their own game.

Tiger Team is comprised of Security Audit Specialists Chris Nickerson, Luke McOmie and Ryan Jones who employ a variety of covert techniques – electronic, psychological and tactical – as they take on a new assignment in each episode.

The show will air on CourtTV Tuesday, December 25 at 11 and 11:30pm E/P. Here’s a sample:

  • Jason

    I’m an IT professional and see no security value in publicly exposing weaknesses in the world’s most sophisticated security systems. This is not defeating criminals at their own game. It used to be that one had to go to prison to be trained in crime. Just another tactic of spreading fear. There is no such thing as a foolproof cost effective security system. Fix this by enforcing and the law. If I want less hot water I simply turn a knob on my sink.

  • Jason

    I’m an IT professional and see no security value in publicly exposing weaknesses in the world’s most sophisticated security systems. This is not defeating criminals at their own game. It used to be that one had to go to prison to be trained in crime. Just another tactic of spreading fear. There is no such thing as a foolproof cost effective security system. Fix this by enforcing and the law. If I want less hot water I simply turn a knob on my sink.

  • http://dmiessler.com/ Daniel Miessler

    Jason,

    The point here is pretty simple: if we don’t check ourselves to see if we have weaknesses, someone else will. We should not simply wait to be attacked using various methods that we’re too lazy to find ourselves.

    Penetration testing is an excellent way to test mature security programs. It doesn’t prove security, but if it uncovers something, that information is often invaluable.

  • http://dmiessler.com Daniel Miessler

    Jason,

    The point here is pretty simple: if we don’t check ourselves to see if we have weaknesses, someone else will. We should not simply wait to be attacked using various methods that we’re too lazy to find ourselves.

    Penetration testing is an excellent way to test mature security programs. It doesn’t prove security, but if it uncovers something, that information is often invaluable.

  • Jason

    I’ve done security audits. To get my point watch “Bowling for Columbine.” Watch how the fear Americans feel due to what is programmed on TV for us is juxtaposed against Canadians viewpoint on fear.

    On a side note, I believe hackers who expose security holes publicly are wrong. Such exposures does not allow a vendor time to fix the problem before the exposed hack is likely used by the now informed public. The way I see it, the only right way to expose discovered security holes is to inform the vendor, period. Any further actions are only born from a desire for recognition. A fact for which IT vendors could capitalize.

  • Jason

    I’ve done security audits. To get my point watch “Bowling for Columbine.” Watch how the fear Americans feel due to what is programmed on TV for us is juxtaposed against Canadians viewpoint on fear.

    On a side note, I believe hackers who expose security holes publicly are wrong. Such exposures does not allow a vendor time to fix the problem before the exposed hack is likely used by the now informed public. The way I see it, the only right way to expose discovered security holes is to inform the vendor, period. Any further actions are only born from a desire for recognition. A fact for which IT vendors could capitalize.

  • http://dmiessler.com/ Daniel Miessler

    On the disclosure point, that’s generally accepted to be true. The only question is how long to give the vendor before going public.

  • http://dmiessler.com Daniel Miessler

    On the disclosure point, that’s generally accepted to be true. The only question is how long to give the vendor before going public.


Top

Popular

Information Security / Technology

Politics

Philosophy & Religion

Technology & Science

Culture & Society

Miscellaneous

Arguments

Projects

Collections

Twitter

What I'm Reading

Favorite Books and Essays

Top Blog Categories

Inputs