Well, having pen-tests performed against your network is now an accepted, common practice. These can range from the fairly simple to the rather complex. It all depends on the outbound-facing services, and any backend databases that may be there as well. Not to mention the vagaries of the website itself. Unlike a malicious hacker, I can without reservation use something like Nessus or Nikto, as I have been legally retained to do the pen-test. Using one of these tools is akin to marching into church with a brass band, i.e. very, very noisy.
On the other hand, I have also done what is less well known: the internal pen-test. This is where, as you would likely guess, you are performing a pen-test of the internal network. I would actually be on the inside of the network, in the building itself, to see what weaknesses can be exploited. Having such a test done is crucial, as disenfranchised employees can wreak havoc if your internal network is not hardened. Hmmmmmm, not a bad idea to write about actually. Do any of you have some thoughts on internal vs. external pen-tests?