Really? Isn't coverage for vulnerability management and pentesting always has a specific goal like "get domain admin"? Honestly asking, I do offensive security but never been a pentester.
More mature clients these days want pretty broad coverage as well as "get DA" (or other "goal") out of their engagements, in my experience.
It's been kind of interesting seeing things change over the years - from strictly goal oriented, to the era of the Nessus Monkey (vuln scans sold as pen tests), and then back to goal oriented but now with additional coverage requirements.
It's been kind of interesting seeing things change over the years - from strictly goal oriented, to the era of the Nessus Monkey (vuln scans sold as pen tests), and then back to goal oriented but now with additional coverage requirements.