How many different types of pentest / “red team assessments” / “adversarial assessments” are there? EVERYONE pitches, sells, and performs them differently. How is a company supposed to gauge effectiveness of a program of these tests? In this talk, I will not only be talking through my list of tests, but open sourcing all of the documents to support it right here at WWHF 2017. I hope that we might start to standardize penetration tests, even if it’s at a broad level. As well as give new firms and pentest 1099s a framework to start with. Want to get a sneak peak, game for providing feedback? DM me on Twitter for the link to the docs. Have a question before or during the talk? Go to slido.com and join #OSPT starting Oct 24.
