In this episode Sean Mahoney is joined by Stanley Li and Professor Michael Lassiter from Netswitch to discuss some of the most commonly asked questions about penetration tests, which include:

• How do I know a pen test is effective?  
• How do we set the goals of the pen test? Will you make recommendations to the business?
• How can we trust your automated tool? 
• Do I need a black box test for PCI-DSS or HIPAA compliance?
• When you send the post pen test report to us, what are supposed to do with it? 
• How long should it take to do the remediation work?
• Do we have to remedy the vulns or do you?
• How do we know the vulns found in the pen test are corrected properly?
• My vendor (or customer) wants to see the pen test results as part of their supply chain review. Should I share it with them?

Sponsored by Netswitch Technology Management - netswitch.net