Q

Getting started on a career in penetration testing

In this expert response, Mike Rothman offers insight on how to start a career in penetration testing.

This Content Component encountered an error

I have four years of experience in quality assurance engineering and two years of experience in testing security IAM and vulnerability products. I want to move into penetration testing. How do I get into penetration testing? Should I go for any certification like CEH (EC-Council's Certified Ethical Hacker)?

There are a number of different disciplines in penetration testing, so let me address the question from a couple of different perspectives. First, decide what kind of penetration testing you're interested in. It could be on networks, applications or even people. Those are all specific disciplines within a broader idea of penetration testing. Given your background as a QA engineer, focusing on application testing would be a great fit. One of the hardest things to learn as an application tester is how applications actually work. Since you've been testing applications for functionality and features for many years (I presume), then figuring out how to test for security issues is not a huge jump.

Also, there is massive demand for people who understand how to break into applications and how to suggest fixes for the discovered issues. Jeremiah Grossman of White Hat Security did some research last year that indicated we'd need ten times the number of application testers just to cover 2% of the most important Web applications out there. And with the continued proliferation of Web 2.0 applications, the problem isn't going to get better any time soon.

There are two ways to break into a new career – certifications or background. Things like training and certifications tend to be for folks that can't get from point A to point B. If your background doesn't lend any credibility to what you are trying to do, then you need some level of education and/or certification to prove your worth.

But if you have a technical background and show an interest and capability to use tools out there (like Web application scanners, Metasploit, and other pen testing techniques), you can make your way into the field without having to get a formal certification. I'm not saying the CEH isn't worth the time, but really determine if you need it to achieve your objective before investing the time and money to get certified.

More on this topic

 

This was first published in December 2007

Dig deeper on Security Testing and Ethical Hacking

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close