Skip to content


Threat-Informed Pentesting:

The First Step to Continuous Assessment

Ben Finke

Principal Consultant and Managing Partner, OnDefend

Dan DeCloss

Founder and CEO


Black Hat Europe 2023 - Prospect Meeting Request

This field is for validation purposes and should be left unchanged.


The best way to win the war against cybersecurity adversaries is by consistently testing your defenses against advanced, real-world threats. There’s no better way to do that than by starting with known threat intelligence. Companies already engage in traditional pentesting, but this isn’t sufficient to answer leadership and boards’ concerns about specific threat actors. Threat-informed pentesting (TIP) is the first step to cover these defenses.

TIP is an approach to offensive security strategy that leverages global threat intelligence about specific emerging adversaries to safely test those exact tactics and techniques on your environment. TIP offers a roadmap for short, iterate testing cycles that ensure your organization is prepared for the attacks bad actors are really using. Building a robust cybersecurity program on a foundation of continuous assessment is possible for teams of all sizes and resources when you leverage threat intelligence as the foundation of your strategy.

Are you or your customers settling for traditional pentesting?

Join Dan DeCloss of PlexTrac and Ben Finke of OnDefend for an expert crash-course on threat-informed pentesting. Throughout the cast — moderated by Emmy award winner Lauren Verno — you’ll learn

  • What TIP and continuous assessment are and are not.
  • How TIP differs from traditional pentesting.
  • What resources are available and how to get started.
  • Why implementing these practices will be useful to your security team in 2023.
  • What technology can help you implement TIP in a continuous assessment strategy, including PlexTrac and OnDefend’s BlindSPOT.


Ben Finke

Principal Consultant and Managing Partner, OnDefend
Ben has almost 2 decades worth of experience in cybersecurity, starting as a communication officer in the U.S. Air Force. Over the course of his career Ben worked with organizations ranging from government agencies to fortune 500 companies including, being embedded in development teams in SaaS companies, overseeing a red team for testing critical infrastructure systems, and running the security practice for a managed security provider. In 2016, Ben Co-founded OnDefend where he currently serves as the Chief Technology Officer. Ben also is the creator of BlindSpot, a purple team testing automation tool. Ben has a bachelor’s degree in Computer Science from Florida State University.

Dan DeCloss

Founder and CEO, PlexTrac
Dan has over 17 years of experience in cybersecurity. Dan started his career in the Department of Defense and then moved on to consulting where he worked for various companies. Prior to PlexTrac, Dan was the Director of Cybersecurity for Scentsy where he and his team built the security program out of its infancy into a best-in-class program. Dan has a master’s degree in Computer Science from the Naval Postgraduate School with an emphasis in Information Security. Additionally, Dan holds the OSCP and CISSP certifications.