Under the Hoodie 2019A statistical study into the art and craft of penetration testing
We have collected data from 180 penetration testing engagements over the nine-month period between mid-September 2018 through the end of May 2019. Since our last report, we’ve produced a brand-new survey of 94 questions, designed to make the collection of high-quality data quick and painless for the pen tester. This survey, which is described more completely in Appendix B, explores not only the usual internal and external network assessments, but also physical intrusions, in-person and electronic social-engineering techniques, and non-production code reviews.
Report Snap Shot
- 3 key findings
- Social engineering
- Incident detection and respone
- Credental capture
- And more!