Log analysis can reveal a lot of security mistakes and fails, but a lot of security sins, too.
As a penetration tester you have to be an expert in multiple technologies.
KirkpatrickPrice offers a list of the most common risks they find.
FireMon announced Security Manager 6.0, a security policy and posture management solution that integrates risk analysis with configuration management, enforcement and auditing of network devices like firewalls, routers and switches.
Nmap is a free and open source utility for network exploration or security auditing.