PenTesting and Security
The infamous breach at Sony in 2011 compromised the details of 77 million users and left them offline for some 23 days.
Undoubtedly most breaches are small only concern those involved, but major breaches are regularly in the press. Today the reputational damage can last years since Internet based news items remain accessible long after the event.
PenTesting and security reviews are the processes through which a website and cloud app weakness are discovered. These provide a risk profile for the systems in question and a discussion starting point should serious vulnerabilities be found.
Unfortunately, some of the in-house developed systems can be hard to remediate if they rely on extra modules with limited support. For this reason something as simple as PenTesting during the preliminary product selection process can stop a XXX deployment of products that will never meet the bar required. Far better to test and scrap a system during its early evaluation stages than wait for it becomes a vulnerable production system with data that is hard if not impossible to migrate.