A few of my posts have involved debating the ethics of public web app testing by security professionals. When the good guys poke and prod public web apps it raises a bunch of ethical questions, besides being legally questionable. Rather than recap my thoughts again, I invite you to read the article which I wrote for this month’s “ISSA Journal.” If you like the article and like some of the articles in the Journal archive, please consider supporting ISSA by joining. I have found it to be pretty valuable.
As always, I welcome your feedback. Feel free to challenge my assertions. All constructive comments will be let through moderation.