To Pen Test or not to Pen Test .. that is the question.
I gave a Fire Talk at ShmooCon. I had hoped to convey that the way Federal agencies have been conducting their security assessments, has been flawed (at best) or wrong. I was asked a simple question “What should we do to fix it?” I…