We recall a time when two of our friends were arrested in a bar in Eastern Europe and were not returned to us for at least two weeks. As it happened the forementioned were senior penetration testers from a local security company, with a reputation for being thorough, imaginative and intensely minded in their work.
During their incarceration the pair were apparently probed for their knowledge of specific kinds of security algorithims. When asked exactly how this information was shared with the kidnappers, the answers were never forthcoming. We had thought they might have told us stories of electrical shocks to the usual places, or beatings on the backs of the legs - or perhaps the practice of water dunking.
It appears that after a day of interrogation the captors had decided to spill the beans.
It appears that our intensely dedicated colleagues had been put through a very different course of extreme rigour. One where they had spent 10 days and 10 nights drilling some of the best prostitutes - their captors money could buy.
When asked how they coped with their ordeal, they both said that they couldn't remember disclosing any confidential information and were more than likely going to change career now.
Any impartial judge might surely make the observation that there was more to their adventure than a fun time in the arms of Olga. But true to their word, they both left the security business and one is now running a guest house near Inverness, the other went on to found a website design company.
We ask - "Is too much sex bad for your Penetration Testers?!"
Can foreign security services take the pen - out of your penetration testers?