by lmorandi 780 days ago
I don't know if you have ever hired or done a penetration test, but when someone uses a common vulnerability scanner to identify issues, that's called a VRA (Virtual Risk Assessment), which is way different from a penetration test. In a penetration test you are not only focusing on tools, you also perform manual testing. Common tools aren't able to find business logic vulnerabilities, and they are also not able to chain them.

I see you also mentioned digging into code (code review), which is a different service. In cybersecurity there are different branches, and I don't think you want a guy that "knows" how to do everything, because that person is probably not an expert in any of the mentioned areas. A penetration test is not the same as a code review, it's not the same as a VRA, and it's not the same as a Red Team. They all cover different things and are meant to satisfy different needs.

Trust me, in cybersecurity you cannot be an expert in every area. So you'd better find a specialist for web apps and a specialist for code review if you need both. Same for infra, cloud, etc.

The only one that is simple is the VRA, because it only depends on running a vulnerability scanner and checking that the reported vulnerabilities aren't false positives (but you need a license for that software, and those are pretty expensive).
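As an added example that is not part of lmorandi's comment, the block below shows the kind of business-logic flaw the comment says scanners miss. The shop, its prices, the coupon rule and the request shape are all hypothetical, and the "scanner" is a deliberately simplified model of a signature-based check (it only looks for known injection payload patterns in parameter values). The vulnerable checkout accepts a negative quantity and a stacked single-use coupon, turning the order into a credit; the hardened version enforces the rules explicitly. Both are illustration code, not anyone's product.

```python
"""Added example (not from the HN thread): a business-logic flaw that a
signature-based vulnerability scanner does not flag.

Everything here is constructed for illustration: the catalogue, the coupon
rule, the request parameters and the toy scanner.
"""
from dataclasses import dataclass, field

PRICES = {"sku-1": 25.00, "sku-2": 40.00}   # constructed catalogue
COUPONS = {"SAVE10": 10.00}                  # constructed rule: 10 off, once per order


@dataclass
class Order:
    items: dict                              # sku -> quantity, as sent by the client
    coupons: list = field(default_factory=list)


def total_vulnerable(order: Order) -> float:
    """Trusts client-supplied quantities and the coupon list as-is.

    A negative quantity yields a negative subtotal (a credit to the buyer),
    and repeating the coupon code applies the discount more than once.
    No request value looks like an attack payload, so nothing is flagged.
    """
    subtotal = sum(PRICES[sku] * qty for sku, qty in order.items.items())
    discount = sum(COUPONS[c] for c in order.coupons if c in COUPONS)
    return round(subtotal - discount, 2)


def total_hardened(order: Order) -> float:
    """Makes the business rules explicit: known SKUs only, positive integer
    quantities, each coupon at most once, and a total that never goes below 0."""
    for sku, qty in order.items.items():
        if sku not in PRICES:
            raise ValueError(f"unknown sku {sku}")
        if isinstance(qty, bool) or not isinstance(qty, int) or qty < 1:
            raise ValueError(f"invalid quantity for {sku}")
    if len(order.coupons) != len(set(order.coupons)):
        raise ValueError("coupon applied more than once")
    subtotal = sum(PRICES[sku] * qty for sku, qty in order.items.items())
    discount = sum(COUPONS[c] for c in order.coupons if c in COUPONS)
    return round(max(subtotal - discount, 0.0), 2)


# Toy model of a signature-based scanner: pattern matching on parameter values.
INJECTION_SIGNATURES = ("' OR ", "<script", "../", "; DROP TABLE")


def scanner_findings(request_params: dict) -> list:
    """Return (parameter, signature) pairs for values matching a known payload."""
    findings = []
    for name, value in request_params.items():
        for sig in INJECTION_SIGNATURES:
            if sig.lower() in str(value).lower():
                findings.append((name, sig))
    return findings


def demo() -> dict:
    # Constructed abusive request: a negative quantity plus a coupon sent three times.
    params = {"sku-1": -4, "sku-2": 1, "coupons": ["SAVE10"] * 3}
    order = Order(items={"sku-1": -4, "sku-2": 1}, coupons=["SAVE10"] * 3)
    result = {
        "scanner_findings": scanner_findings(params),   # [] : nothing pattern-shaped
        "vulnerable_total": total_vulnerable(order),    # -90.0 : the shop owes the buyer
    }
    try:
        total_hardened(order)
        result["hardened"] = "accepted"
    except ValueError as exc:
        result["hardened"] = f"rejected: {exc}"
    return result


if __name__ == "__main__":
    print(demo())
```

The point of the toy scanner is only that its findings depend on what a value looks like, not on what the application does with it; the abusive request is made of a plain integer and a valid coupon code, so a manual tester reasoning about the checkout flow is what finds the flaw.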