An attacker’s perspective on choosing a red-team or pen-test engagement

Sitting on the frontlines as a red-teamer, people regularly ask me, “Should I do a pentest or hire a red team?” But that’s not the question they should be asking. Security leaders should be asking, “What can I do to make it more expensive for an attacker to ‘pwn’ me?” Expense for an attacker is defined by many factors:

Read full article on Security Magazine