6 Steps to Building a Pentest Program for SOC 2 Compliance On-Demand Webinar

SOC 2’s COSO Principle 16 requires companies to select, develop, and perform ongoing and/or separate evaluations to test their security controls. Pentesting is an effective way to meet this requirement, because it uncovers complex and chained exploits your scanners might have missed. What’s more, pentests can be standardized and linked into a formal program that systematically stress-tests your systems monthly, quarterly, or as often as you need.


But how do you set up a pentest program for SOC 2 compliance? That’s the question we’ve put to Alex Jones, Information Security Manager at Cobalt, and Rory McEntee, Director of Application Security at SpringCM, a DocuSign company. In this webinar, you can expect to learn more from them about:


● The value of a pentest program, particularly in achieving SOC 2 compliance;
● How to set one up, from picking the right assets to deciding on how often to test;
● How a pentest program can help you prepare for SOC 2 audits.

We'll finish up with a 20-minute networking session. Just jump into the networking area to get automatically matched with another attendee at random for a short speed-networking chat.