|
|
|
|
|
|
by relaunched
2599 days ago
|
|
|
The practice is pretty common when dealing with a large enterprise. Pen tests vary wildly, in quality and scope. Typically, you require 3rd party pen tests, a little more common is to review the report and methodology. However, it's not uncommon to specify that it has to be a Big4 type firm or from an approved vendor list. It's pricey, especially for small firms. However, most companies don't know what their security posture is - this is all part of managing risk. |
|
|