ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "A Case for Threat Informed Penetration Testing - Dan DeCloss - PSW #763"
Episode Synopsis
Every penetration test should have specific goals. Coverage of the MITRE ATT&CK framework or the OWASP Top Ten is great, but what other value can a pentest provide by shifting your mindset further left or with a more strategic approach? How often do you focus on the overall ROI of your penetration testing program? This talk will explore what it means to "shift left" with your penetration testing by working on a threat informed test plan. Using a threat informed test plan will provide more value from your pentesting program and gain efficiency in your security testing pipeline. This talk applies to both consultants and internal security teams. Segment Resources: Hack Your Pentesting Routine WP: https://plextrac.com/resources/white-papers/hack-your-pentesting-routine/ Effective Purple Teaming WP: https://plextrac.com/effective-purple-teaming/ This segment is sponsored by PlexTrac. Visit https://securityweekly.com/plextrac to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw763
More episodes of the podcast Paul's Security Weekly (Video)
Going Around EDR - PSW #900
13/11/2025
Cybersecurity Is Dead - PSW #898
30/10/2025
Its Always DNS - PSW #897
23/10/2025
AI, EDR, and Hacking Things - PSW #896
16/10/2025
IoT Hacks Galore - Kieran Human - PSW #895
09/10/2025
Broadcom, LastPass, SEO Poisoning, QR codes, H1B visas, Distributed Computing... - PSW #893
25/09/2025
Safes, Hackers, and Web Servers - PSW #892
18/09/2025
In God we trust