%term

12 Penetration Testing Myths Blocking MSP Revenue, Margins, and Client Trust

May 30, 2025 By Phani Deepak Akella In Indusface

Managed Service Providers (MSPs) sit on the front line of cyber‑defence for thousands of small and midsize businesses. Yet many still hesitate to add penetration testing (pentesting) to their security stack, largely because of persistent myths—myths that are steadily being dismantled by real‑world breach data. Fresh breach evidence makes the cost of that hesitation impossible to ignore.

Read Post

Indusface

Read more about 12 Penetration Testing Myths Blocking MSP Revenue, Margins, and Client Trust

Proposed HIPAA Update Makes Yearly Pen Testing Mandatory

May 28, 2025 By Katrina Thompson In Tripwire

In January of this year, significant changes to the HIPAA Security Rule were proposed by the Office of Civil Rights for the Department of Health and Human Services (OCR). The proposed update to the HIPAA Security Rule, published on January 6, 2025, introduces a significant new requirement: all covered entities and business associates must conduct penetration testing of their electronic information systems at least once every 12 months.

Read Post

Tripwire

Read more about Proposed HIPAA Update Makes Yearly Pen Testing Mandatory

Mergers and Acquisition Penetration Testing Explained

May 27, 2025 By Sanskriti Jain In Astra

The real risk in M&A isn’t hidden. It’s just inconvenient to surface. Everyone’s pushing for closure. Security gets boxed into a checklist, technical debt gets rebranded as “Post acquisition planning,” and the systems you’re about to inherit stay largely unchallenged until it’s too late.

Read Post

Astra

Read more about Mergers and Acquisition Penetration Testing Explained

Pentesting in 2025: Insights, Trends, and Predictions

May 27, 2025 By Sanskriti Jain In Astra

The future of security isn’t speed; it’s strategy. Cybersecurity in 2025 is caught in a paradox: the tools are getting faster, but the threats are getting smarter. With 5.3 vulnerabilities discovered every minute across thousands of assets, organizations aren’t short on data; they’re overwhelmed by it. But volume isn’t the headline.

Read Post

Astra

Read more about Pentesting in 2025: Insights, Trends, and Predictions

Reviewing Penetration Test Pricing In 2025: A Practical Guide for UK and EU Buyers

May 22, 2025 By SecuritySenses In SecuritySenses

Penetration testing costs in the UK and EU can range from a few thousand pounds to well over £20,000. At a glance, many of these tests look the same. So why the price gap? In 2025, pricing models haven't changed much. Most tests are still priced per day, but the complexity of what's being tested has changed. The rise of custom internal tools (many "vibe coded" by non-IT or security teams), shadow IT, SaaS stacks, and cloud sprawl means that scoping a pen test properly takes more time and care.

Read Post

SecuritySenses

Read more about Reviewing Penetration Test Pricing In 2025: A Practical Guide for UK and EU Buyers

How To Run a Penetration Test

May 20, 2025 By Keeper Security In Keeper

Penetration testing helps identify and fix security vulnerabilities. In this quick video, learn the five key stages of penetration testing and how these steps work together to protect your systems from cyber attacks.

View Video

Keeper

Read more about How To Run a Penetration Test

Pen Test Results Dropping? Here's Why (And How to Fix It!) #cybersecurity #bountyprograms

May 20, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Pen Test Results Dropping? Here's Why (And How to Fix It!) #cybersecurity #bountyprograms

How external attack surface analysis enhances pen testing

May 19, 2025 By Marcus White In Outpost 24

Despite advancements in security, web applications are still a problem. Attackers target web applications because they’re exposed, complex, and not as well protected as they should be. According to Verizon1, web applications are the most prevalent attack vector, with exploitations of vulnerabilities increasing by 180% in 2024.

Read Post

Outpost 24

Read more about How external attack surface analysis enhances pen testing

How to Adopt DORA's Threat-Led Penetration Testing Requirements

May 8, 2025 By Kroll In Kroll

The new Digital Operational Resilience Act (DORA) requires significant financial entities in the EU to carry out Threat-Led Penetration Testing (TLPTs) on a regular basis. However, the skills required along with the planning for these types of exercises can prove difficult and time consuming. During this session, Kroll brings together our red teaming, threat intelligence and DORA regulatory compliance experts to provide practical guidance on how security, risk and resiliency leaders can adopt a sustainable threat-led penetration testing (TLPT) program as required by DORA.

View Video

Kroll

Read more about How to Adopt DORA's Threat-Led Penetration Testing Requirements

AI Penetration Testing Fundamentals

May 2, 2025 By Keshav Malik In Astra

With the increasing usage of AI systems in critical infrastructure and business operations, there is an inevitable need to secure these systems. AI pentesting is a domain-specific security assessment designed to identify and remediate vulnerabilities unique to AI systems, including machine learning models, training pipelines, and their underlying infrastructure.

Read Post