How about if companies holding sensitive data were required to subject themselve... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Scramblejams on Feb 5, 2015 \| parent \| context \| favorite \| on: “Anthem was the target of a very sophisticated ext... How about if companies holding sensitive data were required to subject themselves to pen test attacks by properly incentivized third parties? Even if an attack were not successful the deliverables would quickly tell an experienced hand whether the attempt had been sufficiently rigorous. And that would allow for a good audit mechanism.

JCJoverTCP on Feb 5, 2015 [–]

you wouldnt happen to be a pen tester, would you?

Scramblejams on Feb 5, 2015 | [–]

Nope. Sounds fun though.

Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact