Topic:
How much Pen Testing is Enough?
Overview:
At our upcoming Tabletop Exercise Dinner, Paul Petefish will challenge one of the most deeply held assumptions in enterprise security: That Annual Pen Tests are Enough.
The reality? Traditional penetration testing was built for a world that no longer exists — one where infrastructure changed slowly and threat actors operated at human speed. Today’s cloud-native, continuously evolving environments demand something far more dynamic.
In this session, Paul Petefish will introduce the Continuous Penetration Testing Methodology (CPTM) — a structured framework that transforms offensive security from a point-in-time event into an always-on function.
You’ll walk away understanding:
✅ Why annual pen tests are failing to reflect real organizational risk
✅ How CPTM maps to — and exceeds — NIST, PTES, OWASP, and MITRE ATT&CK
✅ What it takes to run continuous offensive security at scale
✅ How to shift executive risk conversations from pass/fail to measurable, ongoing reduction
This one is for security leaders and practitioners who are ready to move beyond checkbox compliance and toward a future where your testing never stops.
Hosted by: Paul Petefish, Co-Founder, Evolve Security
Paul is an offensive cybersecurity leader, entrepreneur, and researcher with over 20 years of experience. A former penetration tester, he is the co-founder of Evolve Security, where he has spent the past decade building next-generation offensive security solutions.
He is the creator of the Continuous Penetration Testing Methodology (CPTM), a framework that modernizes traditional testing into an always-on security control aligned with today’s cloud-native environments, building on standards such as NIST SP 800-115, PTES, OWASP, and MITRE ATT&CK and designed to integrate across modern security channels and tooling.
Paul is also a patent holder, published vulnerability researcher, guest lecturer at the University of Chicago, and a recognized cyber expert for ABC and CBS Chicago, advancing how organizations measure and manage cyber risk.
KPMG First Floor Training Room
4655 Executive Dr, San Diego, CA 92121
Dinner will be provided
Note: Free street parking available – no validation
Thank You to Today’s Sponsor!
ISSA Membership & Inquiries
Join SD ISSA and start attending our meetings & events for FREE! Please Join Today!
If you have a job opening to highlight, please contact us at [email protected]
To inquire about sponsorship opportunities, please contact us at [email protected]
