Penetration Testing: A Managed Service Or Only Once Per Year?

Artwork for podcast Cybersecurity Chronicles

Episode 8 • 21st September 2020 • Cybersecurity Chronicles • Netswitch Technology Management

00:00:00 00:18:15

Share Episode

Start at

Embed

Download Audio Share to Facebook Share to Twitter Share to LinkedIn

Shownotes

In this episode Stanley Li and Sean Mahoney from Netswitch are joined by James Watson to discuss exactly what is Penetration Testing as a Service (PTaaS) and the increasing trend for businesses to move away from once-a-year pen tests to more regular, monthly ones instead.

Episode highlights:

- 15 years ago, when manual vulnerability scanning and assessments were the only options.

- Why manual plus automated testing combined is essential to get the highest quality results from pen tests.

- The new CVE 2020 1472 vulnerability Microsoft recently announced that won't be patched until 2021, and what this means for your testing schedule.

- Why insecure configurations created by your IT admins could be increasing your risk more than you realise.

- How the increasing number of regulatory and certification requirements have changed the testing landscape.

- Why companies now have to demonstrate they're consistently pro-active in testing their networks.

- Why the increase in remote working has only amplified these issues.

- Why penetration testing as a service is much more affordable than annual tests of years gone by.

- Which types of companies are particularly increasing their testing frequency.

- Why vulnerability assessments alone will not protect you from Ransomware attacks.

- What data penetration tests can identify that vulnerability assessments are unable to.

- How to effectively manage security risk if you're a small business with a limited budget.

- How an international hotel group client has increased their vulnerability assessment frequency from annually to monthly.

- Why they jumped at the chance to deploy Penetration Testing as a Service.

- How the old way of manual penetration testing could take over a month.

- Why the new combination of automation and manual effort can now perform the testing and deliver a report with remediation in just one business week.

- Why this means more time can be spent on remediation efforts and less on the testing itself.

- Why consistency is the key to effectively managing your cyber risk in an increasingly insecure world.

Sponsored by Netswitch Technology Management - netswitch.net