Our new SANS research takes you inside the minds & methods of modern adversaries. Get the report ›

Evaluating Offensive Security Solutions: Top 50 Questions to Ask

To ensure your security investments offer complete visibility into your attack surface and uncover critical risks at scale, we've compiled questions to help you evaluate solutions. We focus on six key areas: attack surface discovery, exposure identification, triage, validation, remediation, and outputs.

Top 50 Questions to Ask When Evaluating Offensive Security Providers check list first page preview

What to Consider When Selecting Attack Surface and Continuous Testing Solutions

To ensure your security investments offer complete visibility into your attack surface and uncover critical risks at scale, we've compiled questions to help you evaluate solutions.

Our interactive, downloadable checklist focuses on six key areas: attack surface discovery, exposure identification, triage, validation, remediation, and outputs.

A quick look at some of the questions we include:

  • What assets are in the scope of the discovery process?
  • How does the solution keep pace with emerging threats?
  • How does the solution determine what exposures are critical?
  • How is the solution reducing or eliminating false positives?
  • What approach is used to validate that exposures can be exploited?
  • To what degree is remediation guidance provided for validated exposures?

Wes Hutcherson headshot

About the author, Wes Hutcherson

Director of Product Marketing at Bishop Fox

Wes Hutcherson is the Director of Product Marketing for Bishop Fox where he oversees market intelligence, competitive research and go-to-market strategies. His multi-faceted, technology and cyber security experience spans over a decade with market leaders such as eSentire, Hewlett-Packard and Dell SecureWorks.
More by Wes

Extend Your Knowledge

Check out these related resources.

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.