Hey all,
I was just wondering about some in-house pentest best practices or at least brain storm some ideas. Some people I was talking to wanted to throw everything at the target machines, but I don't think that would be good since its so many logs would be coming in.
I'm thinking to select a certain type of attack for the target systems and make use cases in security systems surrounding the events.