, Rookie Track
There’s more to pentesting than exploits and screenshots. This talk dives into the other half of the job — writing reports that matter, delivering debriefs that get attention, and building the soft skills that turn findings into action. Whether you're a tester or a consultant, you’ll learn how to communicate with clients, structure reports for real-world impact, and become the kind of professional teams actually listen to. If you've ever wondered how to bridge the gap between payloads and people, this talk is for you.
Exploits get the glory, but what happens after the payload lands is where the real impact begins. For many clients, the value of a penetration test isn't in the shell—it’s in the report, the debrief, and the relationship you build along the way.
This talk explores the other half of the job — the part where technical skill meets communication, empathy, and professionalism. We'll break down how to write reports that clients actually read and use, how to lead debrief calls that drive change (not just tick boxes), and how to navigate the tricky conversations that come with working in real-world environments.
You'll also hear lessons learned from real client engagements, including what builds trust, what destroys it, and how soft skills can turn a good pentester into a standout consultant.
Whether you're just starting out or looking to sharpen your edge, this session offers practical, actionable advice on delivering value beyond the pwn.
Dumisani Masimini is a penetration tester and consultant at Pentest People, where he helps organisations understand and reduce their security risk through meaningful, action-focused assessments. With experience across internal infrastructure, web apps, and Active Directory environments, Dumisani is passionate about making technical findings accessible and impactful for every level of an organisation.