Usually, penetration testing is required for big applications, where security has already been taken into consideration from the beginning of the development process and the customer is hiring external testers, which might have a different view and therefore, might get more creative. The purpose would be to simulate a real attack and track the behavior of the system and how the team maintaining it is able to respond.
With a few months to go until the new data protection legislation comes into effect, we take a look at what impact this may have on software development and testing companies.
The General Data Protection Regulation (GDPR) will come in effect on May 25th 2018 and many companies are not either A) aware of this change, or B) understand the impact it has on its business. Because of the fact that the penalties are huge, for those who do not comply with the regulation (up to 4% of annual turnover or €20 million, whichever is greater), it is important that all business take action now to ensure complicity.