Updated specific locations to be searchable, take a look at Las Vegas as an example.

This post has been de-listed

It is no longer included in search results and normal feeds (front page, hot posts, subreddit posts, etc). It remains visible only via the author's post history.

8
What Should Be Included in an RFP for VAPT?
Post Flair (click to view more posts with a particular flair)
Concepts
Post Body

Hello Everyone ,

We are in n the process of selecting a vendor for Vulnerability Assessment and Penetration Testing of our web applications and APIs. We have a few questions that we'd like to get the community's input on before making a decision:

Do you typically ask potential VAPT vendors about the specific tools they plan to use in their technical proposal? If so, what are some key tools we should expect them to mention?

Between white-box, grey-box, and black-box testing, which do you find most effective for web applications and APIs?

Is it better to have the VAPT vendor conduct tests on-site or remotely? What are the security implications of each approach?

Thanks in advance

Author
Account Strength
90%
Account Age
4 years
Verified Email
Yes
Verified Flair
No
Total Karma
1,879
Link Karma
1,311
Comment Karma
123
Profile updated: 3 days ago
techno_it

Subreddit

r/AskNetsec

Post Details

We try to extract some basic information from the post title. This is not always successful or accurate, please use your best judgement and compare these values to the post title and body for confirmation.
Posted
5 months ago
Reddit URL
View post on reddit.com
External URL
reddit.com/r/AskNetsec/c...