By Greg Charman – Pentester at iSTORM Solutions
It’s that time again. Time to reach out to several pentest providers and get the ball rolling for scoping calls, quoting then re-quoting. Once this is completed and you’ve chosen this year’s provider – you have hope that they have availability that aligns with your timeframes.
All this in the interest of having a “fresh pair of eyes” have a look at your systems. Wouldn’t it be easier if you were able to build a relationship with the provider you will be trusting your most valuable information with?
As a pentester myself, I find that the process of planning an engagement is much more efficient for everyone involved when we already have a relationship with the client. As a consultant, my job is not only to scope, complete and report the test but to make sure that we are making the best use of your budget and our time during the process. This is much easier if I already have an understanding of your business. An insight into your organisation’s infrastructure is essential when trying to prioritise risks and enables me to identify the best techniques to accommodate those priorities. Ultimately, a pentest works best when it’s a collaborative effort between both organisations.
Another benefit of partnering with a pentest provider is to avoid the headache of tracking vulnerabilities year on year. Remediation advice is great but keeping metrics around your organisations evolving security posture can be difficult if you have data from several different sources. Why not make it easier by using a provider who can provide a consolidated view of this?
Repeat partnering with a pentest provider may also result in loyalty discounts when it comes to pricing – helping your organization utilize their budget better!
For more info on how iSTORM can provide a tailored solution for your privacy, security and pentesting needs visit: https://istormsolutions.co.uk/