Spencer Alessi’s Post

View profile for Spencer Alessi, graphic
Spencer Alessi

Pentester @SecurIT360 | Recovering Sysadmin | Ethical Threat | Active Directory Security Connoisseur

Pentesting against a well-defended organization can either be the worst experience or the absolute BEST experience. Let me explain… It can be the worst if you think you’re only there to hack stuff… It can be the best if you realize you’re there to help the company improve… Didn’t find any critical vulnerabilities? Good. Found some “small” thing that seems like it doesn’t matter all that much? Good!

Vebjørn Risa

Cybersecurity Consultant and Content Creator | Principal Penetration Tester at KPMG Norway

1mo

Its also an opportunity to highlight the great work that has been done by the organisations security team🙌

Like
Reply
3 Reactions
Paul C.

Senior Penetration Tester GXPN/GWAPT/GREM/GCFA/GDSA

1mo

It can make you get creative. Cant get in with an off the shelf python script? My proudest moments didn't result in Domain Admin, but still could have been catastrophic losses for the orgs and used tools I made myself.

Like
Reply
1 Reaction
Daniel Krilich

| Penetration Tester | PNPT | PJPT | Security+ | (ISC)2 CC | Army Veteran #AATW | Mental Health Advocate

1mo

Nothing like having to write the report after demolishing a company on a test 😭

Like
Reply
2 Reactions
Omair M.

Cybersecurity Visionary | Chief Hacker @ ioSENTRIX | AppSec & Manual Penetration Testing Expert | vCISO | Bridging the Gap Between Perceived and Actual Security

1mo

True, no findings aren’t a failure, they are validation. But overlooked gaps can always snowball into bigger risks down the line.

Like
Reply
1 Reaction
See more comments

To view or add a comment, sign in

More Relevant Posts

  • View organization page for StationX, graphic
    StationX

    6,804 followers

    🔍 How to Scan Vulnerabilities With Nmap: A Comprehensive Guide 🔍 This guide covers Nmap’s core features, scanning techniques, and helpful tips—complete with screenshots to get you started securing your network. 🛡️💻 Read more: https://lnkd.in/d_Y8wrUk

    • No alternative text description for this image

    To view or add a comment, sign in

  • View profile for Angel Redoble, graphic
    Angel Redoble

    Chairman and Managing Partner, Angel T Redoble & Associates CISO as a Service / Chairman and Founding President of the Philippine Institute of Cyber Security Professionals / Adviser to the CEO (PLDT) on Cybersecurity

    While publishing vulnerabilities help the good guys improve their defenses, it is also giving threat actors Class A information in choosing their targets. It takes at least 2 weeks for an organization to deploy patches and fixes once available, and that’s a window of opportunity for the threat actors… https://lnkd.in/gKyyasr6

    Known Exploited Vulnerabilities Catalog | CISA

    Known Exploited Vulnerabilities Catalog | CISA

    cisa.gov

    To view or add a comment, sign in

  • View profile for Charles Green, graphic
    Charles Green

    Founder | Security Advisor | Speaker | Posts & articles about the process

    Penetration testing isn't just about finding vulnerabilities. It's making sure your system strong enough so that, even if it's breached, the attackers won't be able steal your assets or cause damage.

    To view or add a comment, sign in

  • View profile for Musa M Yelwa, graphic
    Musa M Yelwa

    CyberSecurity Analyst | Computer System Engineer | Graphics Designer

    🔍 How to Scan Vulnerabilities With Nmap🔍 This guide covers Nmap’s core features, scanning techniques, and helpful tips—complete with screenshots to get you started securing your network. 🛡️💻

    • No alternative text description for this image

    To view or add a comment, sign in

  • View organization page for ITNS Consulting, LLC, graphic
    ITNS Consulting, LLC

    83 followers

    After fixing critical and medium-level vulnerabilities, consider addressing less urgent gaps if your budget permits. It's better to prevent problems than fix them later! Drop a "yes!" below if you've started securing your IT setup for 2024!

    • No alternative text description for this image

    To view or add a comment, sign in

  • View profile for oluwafemi odugbemi, graphic
    oluwafemi odugbemi

    System Operator at Seamless Consulting

    Nmap script scan results discovering several exploitable vulnerabilities. It took a 7 minutes because of the deeply of the scan. Nmap is more powerful than you think.

    To view or add a comment, sign in

  • View organization page for Advice For Advisers ltd, graphic
    Advice For Advisers ltd

    127 followers

    The ability to truly listen to your client, is so important. Not only so that you can understand what they want, but so you can also identify any vulnerabilities, and spot the things that they are not saying too. Sometimes the things that are not said are the most important.

    • No alternative text description for this image

    To view or add a comment, sign in

Spencer Alessi

7,587 followers

View Profile

Explore topics