A Snapshot in Time: Why Penetration Testing Is Critical for Cyber Security
When Megan Brown, Jonathan Care, and I explore the world of penetration testing, we uncover the missing links between the testing itself and having a secure organisation and patched vulnerabilities.
In this episode, you will learn how to maximise the potential of your penetration tests and increase the depth of your organisation’s cyber security.
“Pen tests on their own don’t do anything if you don’t have a way of tracking the issues, resolving the issues.” Jonathan Care
We cover the following topics:
- How regularly penetration testing should be carried out to ensure that the organisation is secure as well as compliant
- Driving accountability and how to use the data from pen testing
- Expectations vs outcomes from pen testing
- What additional value do you get with a continuous pen testing (CPT) service?
- How does Razorthorn bridge the gaps between testing, tracking and resolving vulnerabilities with their CPT service, Razor’s Edge?
- How cyber insurance premiums can be reduced through CPT
- Are bug bounties complementary to pen tests and what benefits and drawbacks do they have?
- How GRC can support a company following a pen test to increase internal and customer confidence by closing security gaps
- What challenges arise when recruiting and retaining qualified pen testers given the current market conditions?
Megan, Jonathan, and I had an interesting discussion about the current trends in the penetration testing industry. We discuss the various ways organisations are utilising penetration testing, from quarterly snapshots in time to continuous pen testing, with reference to Razorthorn’s new CPT platform, Razor’s Edge.
We talk about how difficult it is to find and retain skilled professionals, when better-paying jobs are dangled like carrots in an industry where there is a notable skills shortage.
We also talk about how to use intelligence to find new threats on the dark web and how to combine vulnerability scanning with pen testing.
Find out more about Razor’s Edge here: https://www.razorthorn.com/cyber-security-testing/next-gen-continuous-pen-testing/
Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen
Megan Brown has spent over 15 years in SaaS and technology leadership roles. For the past 5 years, she has worked alongside the founding team at LogicGate to help scale the Risk Cloud, a next-gen GRC workflow automation SaaS platform, around the world. Megan currently works as the Head of International Sales after having developed the Strategic Alliances and Partner Function at LogicGate. Megan leads the international market expansion strategy and sales team covering global markets. In her free time, she loves podcasts and is a host herself – you can hear more from Megan on LogicGate’s GRC & Me podcast. She is a live music fan, marathon runner, and mom to a 3-year-old daughter. Megan, her husband, and their daughter will be moving to Richmond, UK, this year, a long way from their previous home in Chicago, IL, where the company has its US headquarters.
Jonathan Care is a recognised expert in the field of Cybersecurity & Fraud Detection. A former top-rated Gartner analyst, Care was responsible for defining the Fraud market, and leading Gartner’s Insider Threat and Risk research. He regularly advises cybersecurity industry leaders on strategic growth and has worked with key figures in industry and government across the globe. He is a lead contributor for Dark Reading, an industry-defining publication. Jonathan has testified in court as an expert witness and forensic investigator and is a Fellow of the British Computer Society. He also fuels his creative passion as a composer of film/TV music.
Social media: @jonathanhcare & https://linkedin.com/in/computercrime
Connect with your host James Rees
Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.
Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.
With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.
For more information about us, or if you have any questions you would like us to discuss, email firstname.lastname@example.org.
If you need consultation, visit www.razorthorn.com. We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.
LinkedIn: Razorthorn Security
YouTube: Razorthorn Security