Pentesting, Threat Hunting, and SOC: An Overview - Black Hills Information Security

I challenge this assertion in the blog (or maybe I just don't like the way it is worded):
"The question: How can we predict ways the bad guys will attack our systems, and how can we try to stop them? The answer: Penetration testing"

The intent of a pentest is to exploit vulnerabilities, not to predict them. To predict them you should use cyber intelligence, focused on the organization in question and a determination of the TTPs likely to be used against them. Pentesting can be used in two scenarios once these TTPs are determined.
1. A full scope assessment of the envrionment in question using the reported TTPs with the blue team standing by to observe the attacks, validate controls, and monitor which of the infrastructure/servers/endpoints are not hardened against the attacks (or wait for the report).
2. A red team assessment conducted at an unknown time and date to the orgnaization. These are meant to prove a point, that the attacker can get in, exploit the crown jewels (i.e. confirm access required to modify or exfill). These are not meant to be full scope across the entire network/enterprise, only enough to drive the point.

There are other reasons for pentest of course (like testing IoT for example), but again, this is not an exercise in prediction, but proof of concept. Cyber intelligence provide a means of prioritization to an organization. To be more specific, today's zero day might be a pretty critical one in the grand scheme, but based on the intelligence out there, what threat actors (TA) are capable of doing it? Does the org even have the systems vulnerable to it? Are the vulnerable systems even exposed in a way the TA can get to them? Does exposing the vulnerable system expose the orgs mission/business operation and/or provide a path to other systems that have that exposure?

Just my two cents worth from a cyber guy.