if you would like to know the #1 reason that companies absolutely piss money away when getting pentests done, it is this:
they say no when we ask for source code.
that's it.
you have literally no idea how much more we can get done for the same budget when we're doing source-assisted app tests. it's night and day. testers do the scoping too, so we'll quote lower day counts AND deliver better results. and we're under NDA, so in 95% of cases there's literally zero reason not to say yes.
=> More informations about this toot | View the thread | More toots from gsuberland@chaos.social