However, the question is what are the real benefits of a pentest for the client company?
What is the real value of a penetration test?
Many clients have misconceptions and false assumptions about penetration testing and they are engaging this type of projects for the wrong reasons, like:
- After a penetration test I will be safe
- A penetration test will find all of my vulnerabilities
- I’ve heard that pentesting is ‘sexy’ so I would like one myself
Companies who do penetration tests for these reasons do not get the real benefits of this service and they are practically throwing away the money.
From my perspective, a penetration test has the following true benefits for the client company: