Common cybersecurity testing mistakes and how to avoid them