It’s the end of the year, which means it’s officially time for fun stats, a little bragging, and a look behind the curtain of what our pen testers were up to in 2025. People often think of us as a compliance shop first, but our roots run deep in pen testing.
Do you know how many pen tests we conducted this year at Prescient Security? No? You can guess now and we’ll come back to the answer later.
You know what all those pen tests and testing hours mean? Manual pen tests find on average 20x more unique vulnerabilities than scans. So those hours are powerful and a reminder that humans still beat bots in finding the weird stuff. Which might explain why this industry is still underemployed.
Luckily at Prescient Security, we were able to snag some of the greatest testers out there. Our 45-person team has juniors with 3 or 4 years of experience and seasoned testers with 20 years under their belt.
As you can imagine, this range of people comes with a variety of skill sets. So if you book a manual pen test, you get rotation and different perspectives, and we still ensure a rapid kickoff in a week or less. The best part is that this assembly-line style of testing isn’t just great for team dynamics, it also strengthens consistency, improves remediation guidelines, and ensures clear evidence every time.
Now you’re probably wondering what industries are lucky enough to use our services. Most of our customers are in finance, medical, or tech. On top of our wide range of experience, 89% of our pen testers hold an advanced certification like CISSP, CEH, CREST Registered, or even AI-focused credentials.
To stay sharp and keep their muscle memory going, the team loves working on labs, sharing their learnings, and honestly, most of them are part-time yogis.
We asked them what clients might not know about manual testing, and the consensus was pretty clear: clients often don’t realize how time-consuming a pen test actually is and that scanners aren’t doing all the work. Between validating every finding with clear evidence, exploring complex business logic, and replicating real-world attacker behavior, our testers are BUSY, and spent over 55,000 hours on testing this year.
Of course, they also have tools like Nuclei or Burp Suite that help with some tasks. You can probably guess what new technology excites them the most but would you have guessed it also concerns them the most? AI does it all.
No matter what brought them into pen testing, from being scammed themselves, to a classic software engineering start, to being recruited by the NSA’s director of red teaming, we’re lucky to have them and their experience finish 1,281 pen tests this year.
Would you have guessed it right?
Thanks to our team and our clients for an incredible year, here’s to even more manual testing magic in 2026.