>The Penetration Testing Execution Standard (PTES) – Part 1/8

>

Following are the main sections defined by the standard as the basis for penetration testing execution:

Well, after many months of hard work in the background, we’ve reached that point where it’s time to talk about PTES openly.

PTES (Penetration Testing Execution Standard) is a community driven project designed to clearly define what a penetration test is for both businesses and security service providers. Through a common language and scope for performing penetration tests, we hope to raise the overall quality of testing and really help businesses define what it is they need and expect from a penetration test.

As much as we hate to admit it ourselves, there’s a lot of low-quality testing taking place. Setting a standardized approach to scoping, performing and reporting a penetration test will ultimately help bring up the level of penetration testing to where it should be (or where we hope it will be).

Now, we can’t hope to cover every eventuality, and we certainly won’t try to tell testers what nmap options to use, but we can try to define the minimum steps and coverage required to really differentiate a vulnerability scan from a penetration test. It may sound silly to some, but businesses don’t know what they’re getting some times… and thinking you’re secure is never a good option!

Currently we’re in pre-alpha stages, so please get involved. Let us know what you think. Comment, discuss, argue… This doesn’t work without a community behind it.

Note: Please take time to read what we’re attempting and look at the mind-map information before starting to flame… The only thing worse than trying and failing, is not trying at all!

Links:

Anúncios

Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair / Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair / Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair / Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair / Alterar )

Conectando a %s