Pen testing in ISO, NIST and regulatory contexts

In this episode, host Dejan Kosutic interviews Sasa Jusic, a board member at Infigo IS and a cybersecurity expert. They delve deep into penetration testing and cyber threat intelligence, explaining their roles in enhancing cybersecurity. Learn about the differences between offensive and defensive security measures, the importance of DORA and ISO 27001 frameworks, the critical steps for preparing and executing successful penetration tests, and the elements of threat intelligence. Sasa also shares insights on the collaboration between IT and security teams, as well as the role of consultants in this evolving landscape.

Links from the episode:
- Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
- Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account 
- Beginner's Course for ISO, Cybersecurity, and AI Consultants: https://www.youtube.com/playlist?list=PLHwD3nQun7caKFq80LxNNYKIabATlyA7t
- How to Grow Your Cybersecurity, ISO, or AI Consultancy: Advanced Course:https://advisera.co/GrowYourConsultancyTraining 

• (00:00) - Interview with Sasa Jusic
• (01:41) - Penetration Testing and Threat Intelligence Relationship
• (06:23) - DORA and Its Impact on Cybersecurity
• (08:22) - Types of Penetration Testing
• (10:33) - Preparing for a Successful Penetration Test
• (13:07) - Reporting and Translating Technical Findings
• (15:56) - Acting on Penetration Test Reports
• (19:52) - Understanding Threat Intelligence
• (22:11) - Tools for Threat Intelligence
• (29:01) - Common Misconceptions About Threat Intelligence
• (31:58) - Opportunities for Cybersecurity Consultants
• (36:42) - Key Recommendations for Security Officers
• (40:13) - Resources for Consultants