Comment InGuardians (Score 1) 93
I would agree with the post in for Jeremiah Grossman at WhiteHat Security. Jeremiah and his team do great work in this space, and their research is top notch.
I also wanted to offer our company's services as well. InGuardians is also well known in the industry. Our team frequently presents at major security conferences, both commercial (BlackHat, SANS,
Full Disclosure. I am a Senior Security Analyst for InGuardians that specializes in network and web app pentests. Another one of our Senior Analysts is Kevin Johnson, who is the author and lead instructor for the SANS 542 "Web App Penetration Testing and Ethical Hacking" course.
http://www.sans.org/security08/description.php?tid=1722
Here is something else to help you out, regardless of who you go with. Kevin and I have a few OSS community projects, one that you'd probably be interested in is our live pentest CD called "Samurai-WTF". It is a live Linux environment that has been pre-configured with the best open source and free tools for testing and attacking websites. Feel free to go download a copy from our website. It works great running from any of the virtual machine products out there, and also works great if you burn it to a DVD. Once you get it running, the login is "samurai" with the password "samurai".
http://samurai.inguardians.com/
I'd love to draft up a proposal for Kevin and I to pentest your website and the network it is sitting on. Please feel free to email me at justin (at) inguardians.com to set up a time to talk about your needs in more detail.
Check out our website if you would like to learn more about our company, the other services we offer, and the other members of our team.
