How to Sell Penetration Testing (From Someone Who Actually Does It)
Most of what's written about how to sell penetration testing comes from vendors who've never carried a quota. This is what actually happens once you start doing it, the calls, the LinkedIn messages, the emails, and the mistakes that cost real deals.
Start by being honest about what the call actually is
The instinct a lot of new reps have is to disguise the call, warm it up, make it sound like anything other than a cold call. It backfires. The honest version works better: say plainly that this is a cold call about penetration testing or cybersecurity, and ask if they're open to hearing more. People take honesty on board more than they take a script. Being upfront is the version with the least friction for both sides.
Qualify first, pitch second, then stop talking
Once someone says yes to hearing more, give them a short, honest version of what you sell, then stop. This is the part most reps skip. The instinct is to keep selling once someone's listening, but the actual work happens when you go quiet and let them talk. Almost every real penetration testing deal I've closed from a cold call, I said very little after the first minute. You listen for what they actually need, not what you planned to say next.
The objection that isn't really the end of the conversation
"We already have a vendor" feels like a dead end, but it usually isn't. Ask when that contract expires, and ask directly if you can be considered when it comes up for renewal. That turns a closed door into a logged, dated follow-up instead of a lost deal. The same goes for "not right now", it's usually not a no forever, just a no for today. Ask if it's bad timing or genuinely not a priority, and you'll find out which one you're actually dealing with.
The mistake that costs more deals than price ever does
If someone asks what tools or methodology you actually use, or for a sample of your work, have a real, specific answer ready. A vague answer tells a technical buyer everything they need to know, and not in a good way. Know your own certifications, tools, and process well enough to answer specifically the moment someone asks, don't try to figure it out in the room. This single thing has cost real reps, myself included, meetings that should have closed.
LinkedIn works differently, and it's easy to get flagged without knowing why
LinkedIn is often the easiest channel once you understand it, but it punishes volume without pacing. Connecting with everyone in sight, too fast, is how accounts get quietly throttled or shadow banned, and most reps only find out after it's already happened. There's a specific way to pace connection requests and manage pending invitations that avoids this entirely, it's covered in full in the LinkedIn Strategy guide below.
None of this is about being naturally good at sales
It's about structure, honesty, and doing the reps even when it's uncomfortable. Cybersecurity sales specifically has no real shared playbook, most of what's out there is generic vendor content or theory with no real deals behind it. What's below is built from real outbound, calls, LinkedIn messages, and emails that actually happened, mistakes included.
The full scripts, sequences, and mistakes are in the library
Cold call scripts, LinkedIn strategy, email sequences, and the practical tips that don't fit in a blog post.
See the library