DEV Community

Discussion on: Is web penetration testing worth it?

_wli profile image
William Li

Since it is your client's audit process then it's more of a hard requirement than something you can decide. You can always forward the charges to your client and present them with a list of third party vendors to pick from. Also, it will be these third parties's asses on the line if the site is penetrated later after deployment.