Training
Featured CourseView All Courses
Get a free hour of SANS training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training, Courses, and Resources
Can't find what you are looking for?

Let us help.

Contact us
Community Resources

SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

AI Risk & Readiness

Explore expert-driven guidance, training, and tools to help defend against AI-powered threats and adopt AI securely.

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations

Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk With an Expert
Talk With an Expert

Continuous Penetration Testing: Closing the Gaps Between Threat and Response

This content is provided free of charge through collaboration between SANS and its sponsor(s). If you prefer not to share your contact details with the sponsor(s), you have the option of waiting approximately 30 days after the original publication date. After 30 days, to download the content, you will be required to create a SANS account, but your information will not be shared with the sponsor(s).

Continuous Penetration Testing: Closing the Gaps Between Threat and Response (PDF, 0.41MB)Published: 05 Sep, 2025
Created by:
Chris Dale
Chris Dale

Thank You To Our Sponsor

This paper examines how Sprocket Security leverages attack surface management (ASM) to provide defenders with much-needed visibility and control.

Continuous Penetration Testing: Closing the Gaps Between Threat and Response

Related Webcast

Register now to learn how Continuous Penetration Testing can transform your security strategy from reactive to proactive—delivering compliance, resilience, and confidence in a rapidly changing threat landscape.

Read more
Webcast

Meet Your Expert

Chris Dale
Chris Dale

Chris Dale

Principal Instructor

Chris Dale is the founder and principal consultant at River Security. Chris has a background in System Development, IT-Operations and Security Management, and uses his hacker skills to demonstrate risk via Offensive Services and Incident Response.

Read more about Chris Dale

Additional Resources

The Mimic Octopus: Weaponizing File Corruption and Recoverability to Bypass Antivirus and Email Filtering

WhitepaperOffensive Operations
  • 3 Sep 2025

From Crash to Compromise: Unlocking the Potential of Windows Crash Dumps in Offensive Security

WhitepaperOffensive Operations
  • 9 May 2025
  • SANS Institute

SANS 2024 Application Security & API Survey: Protecting our Applications and APIs

WhitepaperSecurity Awareness, Offensive Operations
  • 5 Jun 2024
  • Matt Bromiley, David Hazar

CloudFront Real-Time Logs Rate Sampling and Detection

WhitepaperOffensive Operations
  • 29 Jan 2024

The Evolution of the Digital Predator: Using AI to Evade Security Controls

WhitepaperOffensive Operations, Artificial Intelligence
  • 20 Dec 2023
  • Foster Nethercott

Who Needs a Pentest: Validating the Configuration of an EDR Solution Using the MITRE ATT&CK Framework

WhitepaperCyber Defense, Offensive Operations, Cybersecurity Leadership
  • 7 Nov 2023

Related courses

  • Slide 1 of 18

    SEC588: Cloud Penetration Testing

    Intermediate
    SEC588Offensive Operations
    SEC588: Cloud Penetration Testing
    • GIAC Cloud Penetration Tester (GCPN)
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 27 Hands-On Labs

    View course detailsRegister
  • Slide 2 of 18

    SEC467: Social Engineering for Security Professionals

    Beginner
    SEC467Offensive Operations
    SEC467: Social Engineering For Security Professionals
    • 2 Days (Instructor-Led)
    • 12 CPEs / 12 Hours (Self-Paced)
    • Labs: 8 Hands-On Labs

    View course detailsRegister
  • Slide 3 of 18

    SEC565: Red Team Operations and Adversary Emulation

    Intermediate
    SEC565Offensive Operations
    SEC565: Red Team Operations and Adversary Emulation
    • GIAC Red Team Professional (GRTP)
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 30 Hands-On Labs

    View course detailsRegister
  • Slide 4 of 18

    SEC560: Enterprise Penetration Testing

    Intermediate
    SEC560Offensive Operations
    SEC560: Enterprise Penetration Testing
    • GIAC Penetration Tester (GPEN)
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 30 Hands-On Labs

    View course detailsRegister
  • Slide 5 of 18

    SEC556: IoT Penetration Testing

    Intermediate
    SEC556Offensive Operations
    SEC556: IoT Penetration Testing
    • 3 Days (Instructor-Led)
    • 18 CPEs / 18 Hours (Self-Paced)
    • Labs: 13 Hands-On Labs

    View course detailsRegister
  • Slide 6 of 18

    SEC699: Advanced Purple Teaming - Adversary Emulation & Detection Engineering

    Advanced
    SEC699Offensive Operations
    SEC699: Advanced Purple Teaming - Adversary Emulation & Detection Engineering
    • 5 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 29 Hands-On Labs

    View course detailsRegister
  • Slide 7 of 18

    SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking

    Advanced
    SEC660Offensive Operations
    SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking
    • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
    • 6 Days (Instructor-Led)
    • 46 CPEs / 46 Hours (Self-Paced)
    • Labs: 30 Hands-On Labs

    View course detailsRegister
  • Slide 8 of 18

    SEC504: Hacker Tools, Techniques, and Incident Handling

    Essentials
    SEC504Offensive Operations
    SEC504: Hacker Tools, Techniques, and Incident Handling
    • GIAC Certified Incident Handler Certification (GCIH)
    • 6 Days (Instructor-Led)
    • 38 CPEs / 38 Hours (Self-Paced)
    • Labs: 30 Hands-On Labs

    View course detailsRegister
  • Slide 9 of 18

    SEC580: Metasploit for Enterprise Penetration Testing

    Intermediate
    SEC580Offensive Operations
    SEC580: Metasploit for Enterprise Penetration Testing
    • 12 CPEs / 12 Hours (Self-Paced)
    • Labs: 10 Hands-On Labs

    View course detailsRegister
  • Slide 10 of 18

    SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses

    Major UpdatesIntermediate
    SEC599Offensive Operations
    SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses
    • GIAC Defending Advanced Threats (GDAT)
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 25 Hands-On Labs

    View course detailsRegister
  • Slide 11 of 18

    SEC617: Wireless Penetration Testing and Ethical Hacking

    Advanced
    SEC617Offensive Operations
    SEC617: Wireless Penetration Testing and Ethical Hacking
    • GIAC Assessing and Auditing Wireless Networks (GAWN)
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 20 Hands-On Labs

    View course detailsRegister
  • Slide 12 of 18

    SEC760: Advanced Exploit Development for Penetration Testers

    Advanced
    SEC760Offensive Operations
    SEC760: Advanced Exploit Development for Penetration Testers
    • 5 Days (Instructor-Led)
    • 40 CPEs / 40 Hours (Self-Paced)
    • Labs: 20 Hands-On Labs

    View course detailsRegister
  • Slide 13 of 18

    SEC542: Web App Penetration Testing and Ethical Hacking

    Intermediate
    SEC542Offensive Operations
    SEC542: Web App Penetration Testing and Ethical Hacking
    • GIAC Web Application Penetration Tester (GWAPT)
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 30 Hands-On Labs

    View course detailsRegister
  • Slide 14 of 18

    SEC504J: Hacker Tools, Techniques, and Incident Handling (Japanese)

    Essentials
    SEC504JOffensive Operations
    SEC504: Hacker Tools, Techniques, and Incident Handling
    • GIAC Certified Incident Handler Certification (GCIH)
    • 6 Days (Instructor-Led)
    • 38 CPEs / 38 Hours (Self-Paced)
    • Labs: 30 Hands-On Labs

    View course detailsRegister
  • Slide 15 of 18

    SEC575: iOS and Android Application Security Analysis and Penetration Testing

    Intermediate
    SEC575Offensive Operations
    SEC575: iOS and Android Application Security Analysis and Penetration Testing
    • GIAC Mobile Device Security Analyst (GMOB)
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 20 Hands-On Labs

    View course detailsRegister
  • Slide 16 of 18

    SEC598: AI and Security Automation for Red, Blue, and Purple Teams

    Major UpdatesIntermediate
    SEC598Offensive Operations
    SEC598: AI and Security Automation for Red, Blue, and Purple Teams
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 25 Hands-On Labs

    View course detailsRegister
  • Slide 17 of 18

    SEC535: Offensive AI - Attack Tools and Techniques

    newIntermediate
    SEC535Offensive Operations
    SEC535: Offensive AI - Attack Tools and Techniques
    • 3 Days (Instructor-Led)
    • 18 CPEs / 18 Hours (Self-Paced)
    • Labs: 14 Hands-On Labs

    View course detailsRegister
  • Slide 18 of 18

    SEC670: Red Teaming Tools - Developing Windows Implants, Shellcode, Command and Control

    Advanced
    SEC670Offensive Operations
    SEC670: Red Teaming Tools - Developing Windows Implants, Shellcode, Command and Control
    • 6 Days (Instructor-Led)
    • 46 CPEs / 46 Hours (Self-Paced)
    • Labs: 27 Hands-On Labs

    View course detailsRegister