The client looked at us from across the table, grimacing as they gulped the foul coffee (sure it’s awful, but hey it’s a free perk!). They leaned in and said conspiratorially “So can you… umm… sort of… help us get the inside scoop on how we can pass this pentest?”
I pause and close my eyes for a second. I’ve heard pleas like this throughout my career. If you’re a veteran pentester, no doubt you have too. And what I always think… no matter how large or small the client… Nobody passes pentests! It’s their turn to suffer under our boot as we hijack the network and have shells fall down on us like rain. Nobody… nobody passes a pentest. There’s always a way in. Once we’re in, we make their worst nightmares come alive right under their own nose! No, pentests aren’t for passing. They’re to be endured.
SOURCE: stateofsecurity.com
