Robbing a Bank as Part of a Penetration Test
A funny story.
Posted on December 9, 2011 at 12:30 PM
I do believe this is really unethical. I am a pentester and i will never recommend any tests like this to happen.
What if the bank teller had a nervous breakdown? The other client?
Pentests are supposed to represent a reality to an extent. I dont need to kill someone in his sleep to prove i could. I dont need to commit a bank robbery to prove i could steal one.
Either it is bad business, or a great (fictionnal) story.
Photo of Bruce Schneier by Per Ervland.
Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient, an IBM Company.