The Application Security Podcast

Robyn Lundin -- Planning & organizing a penetration test as an AppSec team

Jan 10, 2023
ANECDOTE

Natural Physical Pentester

  • Robyn realized she naturally excels at physical penetration testing by easily accessing buildings.
  • She avoids it professionally due to the grueling travel schedule that often comes with it.
ADVICE

Pen Testing in SDLC

  • Pen testing fits best near the end of your Secure Development Lifecycle.
  • Test only when your app is functional enough to provide meaningful security insights.
INSIGHT

Human Context in App Pen Testing

  • Application pen testing is more human-focused, simulating attacker motivation and context.
  • System-level pen tests often focus on scans and infrastructure without that human context.