Companies must communicate clear expectations when contracting with pentesters, red teams and vulnerability hunters in order to set key ground rules for what data and systems can be accessed, what’s off limits and who is responsible if something breaks. Of course, if you set too many restrictions an...