In this episode Brad and Spencer discuss the nuances around scoping offensive security engagements. Scoping an offensive security engagement involves defining boundaries, objectives, and limitations before starting. It includes objectives, rules, scope boundaries, legal considerations, timeframe, reporting, approval, and sign-off. Scoping is important for clarity, risk management, compliance, stakeholder involvement, and setting expectations.
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov
Follow Spencer on social ⬇
Spencer's Links: https://go.spenceralessi.com/links
Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.
