Currently, I have a generic "computer consultant" liability insurance giving me $500k USD coverage. Unfortunately, I don''t think my current agent understands what I do. Frankly, he just doesn't get it. As I do more and more security work, and specifically pen testing of financial institutions, I'm wondering if I have adequate coverage. Recently, an acquaintance who's in the insurance business said that understand what the pen test and infosec business involves. (I think he's seen Sneakers. ) At this point, I'm planning to sit down with this guy, and see what he has to say. Before I do however, I figured I'd ask what other pen testers are using for professional liability insurance, and what do you have for coverage? Do you have any advice on limits and do you have riders for any specific liabilities or specific problem areas?