Pen testing, SOC

Pen Testing, Part 1 w/ Dmitry Zagadsky – SCW #56

December 15, 2020

The penetration testing mythology as it applies to information security is all screwed up. If nothing else, we’re going to attempt to define a penetration test, focus on the goals, and what should be in a report. You better believe there is going to be an overarching “PCI” context to this discussion. Visit for all the latest episodes!

Full Episode Show Notes

Pen Testing, Part 1 w/ Dmitry Zagadsky

Dmitry’s Bsides Boston talk, “Don’t End Up With a Pencil: Tips for Shopping Pen Tests” –

Jeff’s talk, “Do We Still Need Pen Testing?” from CircleCityCon 2015 –

NIST SP800-115, Technical Guide to Information Security Testing and Assessment” –

The Penetration Testing Execution Standard (PTES) –

PCI Security Standards Council’s Penetration Testing Guidance


[caption id="attachment_210" align="alignleft" width="120"]Jeff Man Jeff Man - Sr. InfoSec Consultant[/caption] [caption id="attachment_210" align="alignleft" width="120"]Josh Marpet Josh Marpet - COO[/caption] [caption id="attachment_210" align="alignleft" width="120"]Liam Downward Liam Downward - CEO[/caption] [caption id="attachment_210" align="alignleft" width="120"]Scott Lyons Scott Lyons - CEO[/caption]


[caption id="attachment_210" align="alignleft" width="120"]Dmitry Zagadsky Dmitry Zagadsky - AVP IT Security [/caption]


[audio src=""]
prestitial ad