PTES – Penetration Testing Execution Standard

Penetration Testing… What is it?  To most companies, that either choose or are forced to get one, the image of Uber-hackers defiling their business critical systems comes to mind.  Yes, an Uber-hacker should be expected but this isn’t always the case.  There are a number of disreputable firms out there that run a Nessus scan on your network and give you a pretty report and call it a pentest.  This is where the PTES comes in.  It is the goal of the PTES to create a standard for both Pentesters and businesses to follow/expect from a security audit or pentest.  This in turn increases the quality of a pentest.  Visit PTES and check out the massive amount of information on how to carry out a true and thorough pentest.