Instead of reading pen test results as an evaluation of the application’s security, AppSec teams should use the results to evaluate how effective their efforts are in deploying training, tooling, governance, and processes.
Are You Reading Your Pen Test Results Wrong?
Instead of reading pen test results as an evaluation of the application’s security, AppSec teams should use the results to evaluate how effective their efforts are in deploying training, tooling, governance, and processes.