Testing the defences of a network, applications, or infrastructure can be tough. Often you spend lots of days, the results not being proportionate to the time spent. How do you assess success when doing penetration testing? How to test, what tools to use, and who should be doing the testing? Johnny Deutsch has some answers for you. He held a presentation at DeepSec 2015 about this topic.
We recommend watching this presentation to everyone thinking about requesting a penetration test or, of course, everyone actually doing these tests.