Comment by alt227

2 years ago

>run some automated pen tests on your site and then you are done

Haha you are obviously choosing to hide some pain away from your memories.

I agree that you run automated pen tests, but then securing up all networks servers with the results of those pentests can be incredibly time consuming and awkward.

1 comment

alt227

Reply
jjeaff  2 years ago

I suppose on a very complex system, that could be a big deal. But I think the last site I did it on was running on AWS so all ports were closed unless I specifically opened them for a specific purpose and it was just a few tweaks I had to make to pass. I normally only have 80 and 443 open to the outside world.