NCF-59 Things to do – Before Calling that High Priced Penetration Tester


BlackNight Cyber brings us some valuable information on how to avoid some of the high cost of top dollar penetration testers. Some of their peers may not like the free advice they give on today’s show, but I think you will enjoy it.  Today’s guest Josh Stinson and Jeramie Crabtree, tell us to “stop and do these top 10 things” before calling that high priced penetration tester.
  1. Know your business risks and identify your information crown jewels
  2. Identify basic vulnerabilities using free version of Nessus
  3. Identify what regulation is related to your business and how do you stand vs required thresholds.
  4. Check that you do not use default Logins on: cameras, printers, routers, wireless networks
  5. Determine if you use older Operating systems that are not supported by Microsoft: Vista or older will cause large amounts of time spent making penetration testing reports
  6. Check for unknown wireless access points
  7. Know your plan for “bring your own device” (BYOD)
  8. Have an employee connected, informed, and attending CISO organization events
  9. Connect with and attend local ISSA Chapter, ISC2 or NCC events
  10. Subscribe to Cyberwire, HackFive, New Cyber Frontier, and/or other Cyber education series
We thank both of our guest and company BlackNight for the valuable direction on do-it-yourself actions to save us all some valuable resources.
Visit our Sponsor sites:

Welcome to the New Cyber Frontier: Bringing you the latest news on the Cyber Security and initiatives that focus on development of the Cyber Security economics. Hear about developments which impact and affect both the local Colorado efforts and the entire virtual world.

You don’t have to be a computer or cyber security expert to get plugged in. Our New Cyber Frontier host Chris Gorog brings it straightforward, asks the tough questions, and brings the cyber world to a level of understanding for everyone.

Chris’ personable approach gets our guest to open up on the issues we all would like to see addressed.

If you are looking for Leadership and Self-help with actionable advice check out Chris’s Book “Inner Logic Engineering Your Life

Sponsor the New Cyber Frontier podcast: Sponsor Packages
NCF-58 Apozy Anti-Phishing & Anti Malware
NCF-57 Business Application Firewalls the Next Generation of Data Analytics
NCF-56 Security and Privacy for Our Medical Records
NCF-SR9 Legislator Focuses on Using BlockChain for Cutting Edge Governance Programs
NCF-55 Penetration Testing Hear from the NSA Certified Experts at Plex
NCF-CO7 Exploring Cyber Security Across the Community – DOD Office of Economic…
NCF-54 Securing the Internet of Things
NCF-53 Proactively Developing New Software with Security Built In
NCF-52 Responding to Cyber Incidents
NCF-CO06 National Cybersecurity Center: The Way Forward and the 2017 Cyber Symposium

All Episodes >>

Check out some of our other podcasts:

New Cyber Frontier

Coffee With Chris


We are open to hear your thoughts:

Subscribe to New Cyber Frontier

What interests you about Colorado Cyber efforts


Leave us some thoughts about the podcast you listened to. Did we ask the right questions? What else would you like to hear addressed by this guest?
Give us some more details on this topic, or others. We are always looking for areas to explore, tell us your ideas for guests or topics.

  • Christopher Gorog

    We would love to hear anything else that you would add to this list of pre penetration testing hygiene items.