Too Long; Didn't Read
The best pentesters aren’t always those that hold all the certifications, or have a college degree in the field. Instead, it’s important to consider how testers are vetted and onboarded and how they work to keep up with their skills and relevancy. For organizations that have internal security teams: Stand up a virtual environment with multiple purposefully vulnerable applications, network segments, and operating systems. Hold recurring events, like capture the flag, or hackathons, where team members work collaboratively. Pair more experienced testers with those who have gaps or are just starting out.