“Shift Left”: A case for threat-informed pentesting. [CyberWire-X]

Penetration testing is a vital part of a robust security program, but the traditional pentesting model is in a rut. Assessments happen infrequently, the scope is often very broad, and the report is usually overwhelming. What if you could increase the overall ROI of your pentesting program and avoid these limitations? Every penetration test should have specific goals. Coverage of the MITRE ATT&CK framework or the OWASP Top Ten is a great start, but a pentest could provide exponential value …

amp assessments att case cyberwire framework goals great mitre mitre att&amp owasp owasp top ten penetration penetration test penetration testing pentesting program report roi scope security security program shift left test testing threat