PTES White-Hat Hackers Initiative

New standard for penetration testing has been created with a wide set of rules to improve ethical hacking work and penetration testing mission.

Penetration Testing Execution Standard – PTES is the name of this standard that will help to have a clear path for pentester to check different vulnerabilities and provide customers a high quality formal standard to address different gaps.

Chris Nickerson, a Denver-based penetration tester who is spearheading the standard, estimated that 80 per cent of penetration testers do not perform even adequate tests, while charging top dollar for their services.

“Pen tests become a vortex that suck money out of people, and the reputation of the industry has gone up and down,” Nickerson, who runs Lares Consulting, said. Testers should hand a report on vulnerabilities to the client so that weaknesses may be fixed, but many of the reports are currently too simplistic or confusing.

The group of people that have been working on this project includes:

PTES is still at the alpha-stage “understanding” (mind map) so if you have an experience in the peneteration testing you can participate to the project with ideas and thought that you feel they add a value to this Standard.

The first draft is hoped for release at the Blackhat Las Vegas conference in August this year. While you can attend at Source Boston 2011 a panel that include some of the founders of the standard who will discuss how the standard is built and shaped by representatives from all segments of the industry.

make sure you subscribe to my RSS feed!