Should security testing (vulnerability scanning, web app pentesting, etc.) be performed through a full protection stack (firewall, IPS, WAF, email filter, etc.) or not? Some may answer with an initial gut reaction of, “Of course. It should be through whatever protection solutions are typically in place so it will most accurately reflect what an attacker […]