How to Get the Most From Your Penetration Test (According to Real Ethical Hackers)


If you’re going to invest in a penetration test, you deserve to know you’re getting your money’s worth. Unfortunately, most companies don’t know what they’re actually getting. 

Whether it’s a too-narrow scope, inadequate preparation, or not asking the right questions, some organizations miss significant opportunities to enhance their security posture—even after hiring a skilled penetration tester.

So, how can you ensure that’s not you?

We asked two of our senior security experts—Garrett Adler (Senior Pen Tester) and Terrill Thorn (Director of Pen Testing)—to walk through how companies like yours can squeeze the absolute most value out of their pen test. 

What is Penetration Testing?

A penetration test is essentially when you hire an ethical hacker to try to break into your systems. The goal isn't to cause actual damage, but to discover weaknesses before threat actors do. By simulating a real-world attack, pen testing reveals what a "bad actor" could achieve, providing invaluable insights. 

As Garrett Adler explains, 

"When we perform penetration tests, we will be essentially acting as a threat actor would on the internet, trying to identify and exploit vulnerabilities within your external network, your internal network, or your web applications." 

Ways to Maximize the Value of Your Penetration Test 

To get the most out of your penetration test, consider these tips. 

Run Internal Scanners

Before your pen tester starts, run internal scanners across your environment. Why? Because no one should pay an expert to find what a free tool could’ve flagged.

“Have automated scanners already running,” says Senior Pen Tester Garrett Adler. “That way, we can skip the low-hanging fruit and dive straight into complex vulnerabilities that scanners can’t touch.”

Have a Clear Objective

The clearer your objective, the better your results. Are you concerned about access control in your web app? Want to simulate an insider threat? Call it out. A strong objective focuses your test—and gives you answers that actually help your business.

Be Open to Expanding Scope

Being overly rigid with scoping can hide real risks. The most dangerous vulnerabilities usually live in the gray areas—the places where internal systems and external access overlap. If you don’t give testers permission to explore those paths, you may never find them.

As Director of Pen Testing Terrill Thorn puts it: “One vulnerability leads to another. If you want a real-world picture, you have to let us follow the thread.”

Be Responsive

The best pen tests are collaborative. If your tester has a question mid-engagement, answering quickly can be the difference between discovering a high-impact vulnerability or running out of time.

“We’re not just trying to check a box,” says Garrett. “We’re trying to think like a real attacker. And that works best when we can collaborate with your team in real time.”

One Vulnerability To Rule Them All: A Real-Life Pen Test Story

Garrett Adler shared an example of a recent external penetration test that escalated:

"We were actually able to show with that application how an unauthenticated, unauthorized person could gain access to the application... With that, they could get code execution on the back-end server, allowing them to get on the internal environment... and gain domain administrative level to the environment."

Terrill Thorn adds, 

"I think that's a great illustration of some of the things that we were talking about earlier with being open to extending the scope of the penetration test. This was an external penetration test to start with, but then you were able to get onto the internal network." 

This comprehensive test, initially external, uncovered critical vulnerabilities across multiple layers, ultimately leading to domain administrator access – the "keys to the kingdom." It highlights the value of an open-ended scope, demonstrating how one vulnerability can lead to multiple compromises, and how thorough testing can reveal hidden risks. 

Penetration Test FAQs

How much does a pen test cost? 

Typical engagements range from $5,000–$15,000, depending on scope, size, and complexity.

How long does it take to schedule? 

Most kickoffs happen 7–10 days after contract signing.

Will it impact our systems? 

No. We avoid denial-of-service attacks and work to ensure high availability throughout the test.

What if we need help fixing what you find? 

Our reports include actionable remediation guidance. We’re also available to consult, if needed.

The Different Types of Penetration Tests (And When You Need Each)

SecurityMetrics offers different types of pen tests depending on your risk profile:

  • External Pen Testing: Simulates attacks from outside your network. Great for testing firewalls, VPNs, and public-facing services.
  • Internal Pen Testing: Simulates a compromised user or device within your network. Ideal for uncovering lateral movement and privilege escalation.
  • Web App Pen Testing: Targets your custom-built web apps. Includes tests with and without user credentials.
  • Mobile App Testing: Focuses on reverse engineering your mobile app to find misused API keys or stored credentials.

What should you expect during your penetration test? 

Your penetration testing process will vary by provider. Below is an overview of how penetration tests work when you partner with SecurityMetrics. 

  1. Scheduling and test preparation

During this phase, you will have a pre-engagement conference call covering your pen test needs, methodologies, objectives, the scope of your pen test, and your pen test date. Closer to your pen test date, you will receive a questionnaire that collects the needed information and documentation. You will then work with your point of contact to ensure your office is prepared for the test and that you won’t experience any downtime.

  2. Automated/manual testing

SecurityMetrics Pen Testers then attempt to find and exploit your vulnerabilities using industry-standard methodologies. SecurityMetrics Pen Testers document everything they see to simplify your remediation process.

  3. Reporting and remediation

Within six weeks, you will receive your report, which includes a narrative of the pen test activities and details of identified vulnerabilities. Each vulnerability will include recommended steps or actions for remediation. Once you have analyzed your report, you can work with a SecurityMetrics point of contact to receive advice on how to remediate and patch any weaknesses.

  4. Retesting

Once you’ve finished your first remediation phase, your point of contact will schedule a retest of your system, checking for proper patching. Unlike many other pen testing firms, SecurityMetrics includes retesting in your initial quote.

Why Choose SecurityMetrics for Your Pen Test? 

SecurityMetrics stands out for several reasons:

  • Manual Testing Focus: Garrett Adler highlights, "We do almost exclusive manual testing. We do run automated scanners, but that's just the beginning of our services... That's just the beginning for us."
  • Proof of Impact: They don't just identify vulnerabilities; they exploit them to demonstrate the real-world impact and potential damage an attacker could cause.
  • Risk Mitigation Guidance: Garrett states, "We're going to do our best to make your job as easy as possible and give you as much information as we can about a vulnerability and how you might be able to resolve it. That's all included in the report."
  • Compliance Alignment: Their methodology meets common compliance objectives (PCI, HIPAA, etc.).
  • Dedicated Support: You'll have a dedicated project manager as a contact person for any questions or concerns during and after the test.
  • Partnership Approach: SecurityMetrics aims to be a long-term partner in enhancing your security posture, not just a one-time service provider.
  • Unlimited Retesting: The 90-day retesting window includes unlimited retests, ensuring all identified issues are thoroughly fixed.

Final Thoughts: Getting the Most From Your Penetration Test

Penetration testing is a crucial investment for any organization serious about its cybersecurity. If you go into your pentest knowing what’s in store, you can adequately prepare and get the most out of your investment.
