Episode 7

Penetration Testing FAQs

In this episode Sean Mahoney is joined by Stanley Li and Professor Michael Lassiter from Netswitch to discuss some of the most commonly asked questions about penetration tests, which include:

  • How do I know a pen test is effective?  
  • How do we set the goals of the pen test? Will you make recommendations to the business?
  • How can we trust your automated tool? 
  • Do I need a black box test for PCI-DSS or HIPAA compliance?
  • When you send the post pen test report to us, what are we supposed to do with it?
  • How long should it take to do the remediation work?
  • Do we have to remedy the vulns or do you?
  • How do we know the vulns found in the pen test are corrected properly?
  • My vendor (or customer) wants to see the pen test results as part of their supply chain review. Should I share it with them?

Sponsored by Netswitch Technology Management - netswitch.net

About the Podcast

Cybersecurity Chronicles
News, views and stories from the cyber front line.

About your hosts

Stanley Li

➤WHO I HELP & WHAT I DO: I help organizations with <1000 users to manage the cyber risk to meet compliance & regulatory requirements in IT & Cybersecurity. SecurIA®- the proprietary Managed Detection & Response platform I developed for Netswitch & Securli, has proven to reduce cost, risk, & time for our clients.

➤MY STORY: For the past 20 years I’ve dedicated my life to building Netswitch in order to protect and secure our clients’ data & critical infrastructure from the ever-increasing threat of cyber-attacks.

Sean Mahoney

What I Do: I help business leaders achieve cyber-risk compliance and enable business continuity without breaking their budget.

I deliver productive ways of leveraging technology to meet business requirements and drive cost savings. Integrating automated and machine learning systems into operations to improve efficiency utilizing data analytics for improving business visibility allowing for faster reactions to market dynamics. Experienced in translating the technical to non-technical audiences.