I have four years of experience in quality assurance engineering and two years of experience in testing security
IAM and vulnerability products. I want to move into penetration testing. How do I get into penetration testing? Should I go for any certification like CEH (EC-Council's Certified Ethical Hacker)?
There are a number of different disciplines in penetration testing, so let me address the question from a couple of different perspectives. First, decide what kind of penetration testing you're interested in. It could be on networks, applications or even people. Those are all specific disciplines within a broader idea of penetration testing. Given your background as a QA engineer, focusing on application testing would be a great fit. One of the hardest things to learn as an application tester is how applications actually work. Since you've been testing applications for functionality and features for many years (I presume), then figuring out how to test for security issues is not a huge jump.
Also, there is massive demand for people who understand how to break into applications and how to suggest fixes for the discovered issues. Jeremiah Grossman of White Hat Security did some research last year that indicated we'd need ten times the number of application testers just to cover 2% of the most important Web applications out there. And with the continued proliferation of Web 2.0 applications, the problem isn't going to get better any time soon.
There are two ways to break into a new career – certifications or background. Things like training and certifications tend to be for folks that can't get from point A to point B. If your background doesn't lend any credibility to what you are trying to do, then you need some level of education and/or certification to prove your worth.
But if you have a technical background and show an interest and capability to use tools out there (like Web application scanners, Metasploit, and other pen testing techniques), you can make your way into the field without having to get a formal certification. I'm not saying the CEH isn't worth the time, but really determine if you need it to achieve your objective before investing the time and money to get certified.
- Platform security expert Michael Cobb discusses the criteria for selecting a penetration testing tool.
- Penetration testing provides valuable information on the state of security defenses, but is it essential for network enterprise security?
Dig deeper on Security Testing and Ethical Hacking
Related Q&A from Mike Rothman, Contributor
In the world of security certifications, what is the GISP and how alike is it to the CISSP? In this security management expert response, learn about ...continue reading
Depending on your enterprise, it may or may not be necessary to utilize a QSA. In this security management expert response, learn how to determine ...continue reading
When developing software securely, what role does gap analysis play? In this security management expert response, learn how to implement gap analysis...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.