• Echo Dot@feddit.uk
    link
    fedilink
    arrow-up
    29
    ·
    2 days ago

    You hope it’ll set off alarms. Sometimes it doesn’t, mostly because they don’t have monitoring setup.

    • Cornelius_Wangenheim@lemmy.world
      link
      fedilink
      arrow-up
      21
      ·
      2 days ago

      Pen tests aren’t cheap. Even basic ones are ~$20k. There’s only 2 types of companies that bother with them: ones that care about cybersecurity and ones that have to do it for compliance (PCI/CMMC/etc). Both will have some kind of IDS and a SIEM.

    • jol
      link
      fedilink
      arrow-up
      12
      ·
      2 days ago

      Or because you hacked into the wrong company. This has happened multiple times.

      • Echo Dot@feddit.uk
        link
        fedilink
        arrow-up
        1
        ·
        2 days ago

        That’s what happens when you do off the book stuff on company time. Got to organize yourself better.

        • jol
          link
          fedilink
          arrow-up
          1
          ·
          2 days ago

          I’ve even heard stories of physical pen testers entering the wrong company. Oops.