Penetration Testing considered harmful today

Early last year we presented at 44con with a talk titled: "Penetration Testing considered harmful today".

44con have just released the video so we figured it was worth a quick recap (for anyone not willing to tolerate the whiny voice!)

The original slides (in PDF) are available (here)

The central thesis of the talk is that penetration testing has established itself as a necessary activity for securing a network and is now pushed forward by a multi million dollar industry despite the clear signs that it is not helping all that much. (Read the annotated slides here)

Watch the video here: