There are very little company contracted pentesters. Arguably it could be considered a security risk to have contracted pentesters.
Whether well know names like facebook, or your local independent business, most would use the process of responsible disclosure in an effort to strengthen their security - effectively calling on the services of hackers all around the world with the reward of a bug bounty for those hackers who have identified vulnerabilities.
Whether well know names like facebook, or your local independent business, most would use the process of responsible disclosure in an effort to strengthen their security - effectively calling on the services of hackers all around the world with the reward of a bug bounty for those hackers who have identified vulnerabilities.