We'd like to hear your professional opinion on what aspects would you look for when evaluating a Penetration Testing Services company (i.e., looking to outsource them) for your enterprise.
(local or global) market reputation/recognition (+ founded time), quality of services/professionals, customers served (mainly business-line, some very good with application is not so good with hardware/telecom, for example), staff (who will meet the demand), laboratory/tools available (not just commercial or well-known tools).
"Only price" should not be an isolated parameter of final choice.
@Jairo Willian Pereira thank you!
@Alon Mantsur, @Jairo Willian Pereira and @KashifJamil, can you please share some of your experience?
What should one include (essential items) into a Service Level Agreement (SLA) when purchasing cloud penetration testing services?