zlacker

[parent] [thread] 1 comments
1. debo_+(OP)[view] [source] 2024-01-03 20:27:28
It's relatively common to have pen testers attack a cloned environment w/ sanitized data. This is especially true in cases where your policies (or those you've agreed to from customers) require you to present evidence that you are having a pen test done every X years.
replies(1): >>red-ir+bc2
2. red-ir+bc2[view] [source] 2024-01-04 15:03:00
>>debo_+(OP)
access to live data for testing is also a compliance question -- as in, don't do it, and why are you doing it?

why are you not using cloned or dummy data?

[go to top]