Every penetration test should have specific goals. Coverage of the MITRE ATT&CK framework or the OWASP Top Ten is great, but what other value can a pentest provide by shifting your mindset further left or with a more strategic approach? How often do you focus on the overall ROI of your penetration testing program? This talk will explore what it means to “shift left” with your penetration testing by working on a threat informed test plan. Using a threat informed test plan will provide more value from your pentesting program and gain efficiency in your security testing pipeline. This talk applies to both consultants and internal security teams.

Segment Resources:

Hack Your Pentesting Routine WP: https://plextrac.com/resources/white-papers/hack-your-pentesting-routine/

Effective Purple Teaming WP: https://plextrac.com/effective-purple-teaming/

This segment is sponsored by PlexTrac. Visit https://securityweekly.com/plextrac to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw763