What are you trying to accomplish with penetration testing? Is it to satisfy a compliance check box or to meet client or business partner requirements?

business risks.

security risks Today’s hackers, NEVER SLEEP, and the more often you pen test, the more sleep you will get!

As we have seen far too often, the “bad guys” work in teams, and have no time tables-just targets, don’t become a victim.

A client needs to make sure that they are doing the proper testing — “penetration testing” in the purest sense, is rarely enough.

Neither are higher-level “checklist audits”.

Any company, that is relying on “plain vanilla” vulnerability scans is a path to facilitate a breach-a soft target.

By focusing on performing “security assessments” that look at the company’s exposure, threat landscape, the threat surface, end points,  and potential attack surface(S), are far better served, than limiting your tests to whatever someone is asking you to do-be proactive, again, don’t be a victim-is the mantra.

To a hacker, with very bad intentions to do harm, all systems and applications are fair game for attack.

More important question than how often you should test, is the need for your business to ensure that it’s performing its security tests effectively and consistently.

The cost is minimal compared to the damage that hackers can inflict.