Getting started on a career in penetration testing

BROWSE BY TAG Expert Archive: Security Management,   Application and Platform Security,   Enterprise Vulnerability Management,   Security Testing and Ethical Hacking,   Information Security Jobs and Training,   Information Security Careers, Training and Certifications,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Expert Archive: Security Management What is the GISP certification and how does it compare to the CISSP certification? Using a QSA to write up a PCI DSS report on compliance (ROC) How can gap analysis be applied to the security SDLC? Comparing cheap security products and appliances to costly appliances What are some tips on protecting my security budget in a poor economy? What value do research firms provide to their subscribing enterprises? What certificate offers the best ROI for an IT project manager? Is insider activity or outsider activity a bigger enterprise threat? How does information security prevent fraud in the enterprise? Differences between an SAS 70 data center and a Tier III data center Security Testing and Ethical Hacking H.D. Moore speaks about Metasploit Project deal, Release 3.3 Could Metasploit popularity erode? Metasploit Project acquired by vulnerability management firm Rapid7 Should management processes change based on a patch release schedule? Does an EULA make it truly illegal to decompile software? Screencast: BackTrack 4 offers an arsenal of penetration testing tools Security testing firm uncovers XML vulnerabilities Screencast: Samurai offers pen-testing nirvana The requirements needed to make an external penetration test legal McAfee to acquire Solidcore Systems for whitelisting Information Security Jobs and Training RSA security conference 2010: news, interviews and updates Straight from the inbox: Your infosec career questions answered Despite recession, information security certification pay continues to climb Bruce Schneier on outsourcing, awareness training Creating a personal brand in information security Feds push cybersecurity jobs, PCI DSS changes ahead. Feds announce 1,000 new security jobs Some IT security certifications are overvalued, analyst says How to prepare for an information security job interview Security industry remains resilient to tough economy

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Cyber Storm  (SearchSecurity.com) ethical hacker  (SearchSecurity.com) ethical worm  (SearchSecurity.com) gray hat  (SearchSecurity.com) honey pot  (SearchSecurity.com) honeynet  (SearchSecurity.com) war dialer  (SearchSecurity.com) white hat  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

There are a number of different disciplines in penetration testing, so let me address the question from a couple of different perspectives. First, decide what kind of penetration testing you're interested in. It could be on networks, applications or even people. Those are all specific disciplines within a broader idea of penetration testing. Given your background as a QA engineer, focusing on application testing would be a great fit. One of the hardest things to learn as an application tester is how applications actually work. Since you've been testing applications for functionality and features for many years (I presume), then figuring out how to test for security issues is not a huge jump.

Also, there is massive demand for people who understand how to break into applications and how to suggest fixes for the discovered issues. Jeremiah Grossman of White Hat Security did some research last year that indicated we'd need ten times the number of application testers just to cover 2% of the most important Web applications out there. And with the continued proliferation of Web 2.0 applications, the problem isn't going to get better any time soon.

There are two ways to break into a new career – certifications or background. Things like training and certifications tend to be for folks that can't get from point A to point B. If your background doesn't lend any credibility to what you are trying to do, then you need some level of education and/or certification to prove your worth.

But if you have a technical background and show an interest and capability to use tools out there (like Web application scanners, Metasploit, and other pen testing techniques), you can make your way into the field without having to get a formal certification. I'm not saying the CEH isn't worth the time, but really determine if you need it to achieve your objective before investing the time and money to get certified.

For more information: