I have four years of experience in quality assurance engineering and two years of experience in testing security...
IAM and vulnerability products. I want to move into penetration testing. How do I get into penetration testing? Should I go for any certification like CEH (EC-Council's Certified Ethical Hacker)?
There are a number of different disciplines in penetration testing, so let me address the question from a couple of different perspectives. , decide what kind of penetration testing you're interested in. It could be on networks, applications or even people. Those are all specific disciplines within a broader idea of penetration testing. Given your background as a QA engineer, focusing on application testing would be a great fit. One of the hardest things to learn as an application tester is how applications actually work. Since you've been testing applications for functionality and features for many years (I presume), then figuring out how to test for security issues is not a huge jump.
Also, there is massive demand for people who understand how to break into applications and how to suggest fixes for the discovered issues. Jeremiah Grossman of White Hat Security did some research last year that indicated we'd need ten times the number of application testers just to cover 2% of the most important Web applications out there. And with the continued proliferation of Web 2.0 applications, the problem isn't going to get better any time soon.
There are two ways to break into a career – certifications or background. Things like training and certifications tend to be for folks that can't get from point A to point B. If your background doesn't lend any credibility to what you are trying to do, then you need some level of education and/or certification to prove your worth.
But if you have a technical background and show an interest and capability to use tools out there (like Web application scanners, Metasploit, and other pen testing techniques), you can make your way into the field without having to get a formal certification. I'm not saying the CEH isn't worth the time, but really determine if you need it to achieve your objective before investing the time and money to get certified.
- Platform security expert Michael Cobb discusses the criteria for selecting a penetration testing tool.
- Penetration testing provides valuable information on the state of security defenses, but is it essential for network enterprise security?
Dig Deeper on Penetration testing, ethical hacking and vulnerability assessments
Related Q&A from Mike Rothman
Pirated software is still a major concern nowadays. Uncover how to prevent software piracy and protect your organization's intellectual property. Continue Reading
While liaison officer responsibilities vary depending on the company they work for, their strong organizational and communications skills make them ... Continue Reading
The CISSP certification can be a challenge to obtain. Mike Rothman unveils how to get on the right education and career tracks in order to get CISSP ... Continue Reading