The Goldilocks Zone of Pen Testing

Criminals use the latest and greatest in tech to break into your company and steal your resources. Did you know your IT provider has access to all the same tech? Why not get it working for you? That’s where pen testing comes in.


Our CMO Devon Gillard recently chatted with CTO Calvin Engen and our Compliance and Operations manager, Mike Gilbert. They got into the nitty-gritty of what a pen test is, and how to find the “Goldilocks” zone of penetration testing when looking to protect your business.

Goldilocks Zone of Pen Testing Insights

What is Penetration Testing? 

Mike breaks down what a penetration test is at [2:55] when Devon asks him if it compares to an annual physical at the doctor’s office. Instead of a doctor’s appointment, Mike compares a pen test to someone trying to break into your house.

To look at pen testing from a different perspective, Calvin weighs in at [4:05]. He continues the break-and-enter analogy and explains how a pen test helps you discover if your window is unlocked, as well as what a nefarious actor could access in your home through that open window.

What is Vulnerability Assessment?

The term “vulnerability assessment” is discussed at [6:52]. Devon asks Mike to describe the difference between a pen test and a vulnerability assessment, and why it’s so important not to choose one or the other, but both.

How Much Cybersecurity Do You Need?

A business or organization needs to be pragmatic when spending money on its cybersecurity, Calvin points out at [13:22]. “If you’re going to spend a dollar, spend it on something meaningful.”

Cyber insurance is a hot topic these days, particularly because it’s becoming increasingly difficult to access. At [15:34] Calvin shares how a pen test can improve your chances of getting a cyber insurance policy.

F12 prides itself on being ahead of IT and cybersecurity trends. How do we do that? Well, we’ve been around the block a time or two. That’s how we know that our pen testing offering is a step up from the traditional model, which Calvin discusses at [18:15].

“Are organizations missing out by just looking at the outside versus the inside?” Devon asks Mike at [22:33]. Mike’s answer: definitely.

Devon brings the Goldilocks analogy to the forefront at [28:20] and identifies the range of pen tests on the market. Then, Mike assumes the role of Goldilocks, assessing various pen test options at [29:19].

As a great real-world example, Calvin shares a story at [30:38] of a pen test F12 conducted last year, and how having access to different types of testing saved the day in the case of a bad password.


