Will vulnerability assessments and penetration testing find all the security vulnerabilities in your network and systems? Well, the simple answer to that is probably not; that is, of course, unless you are prepared to spend an awful lot of time, effort and money on it. So why bother having your systems tested then? Well, because it is still vitally important to protect your network from vulnerabilities. What is required is closer co-operation between the client and the pen tester. From a client’s perspective it’s about the importance of setting expectations and defining the requirements for penetration testing. From a tester’s point of view it’s a question of gathering as much information as possible about the internal workings of the business and the systems to be able to do a comprehensive vulnerability assessment.