Penetration testing is in high demand with the need to meet compliance standards and combat security breaches. In this course, Penetration Testing: Setting the Scope and Rules of Engagement, you'll learn fundamental knowledge and gain the ability to scope a penetration testing engagement with paying customers. First, you'll explore how penetration tests are structured. Next, you'll dive into learning the tools and methodologies used to execute professional penetration tests. Finally, you'll discover how to structure deliverables in the form of work breakdown structures and final reports for your customers. When you're finished with this course, you'll have the necessary knowledge to structure penetration testing engagements needed to organize and deliver a successful and professional penetration testing engagement.
Chad has been in the Cyber Security industry for over 15 years. He's taught Microsoft Engineering courses as a Certified trainer. He's managed teams of security engineers and analysts for an Internet banking provider. He's been an information security consultant working for companies including SAP, Microsoft and Oracle.
Hi everyone, my name is Chad Russell , welcome to my course, Penetration Testing: Setting the Scope and Rules of Engagement.
I’m a Cloud Platform Security Consultant at Oracle Corporation and founder of webofsecurity.com.
This course introduces you to the penetration testing process and shows you how to structure and deliver a professional penetration test to paying customers. You will learn how to scope the business and technical components of an engagement and set expectations with your customers.
I’ll introduce you to pen testing tools and techniques specific to networks, hosts, applications and mobile devices testing.
Some of the major topics that I’ll cover with you include:
Establishing Goals, Objectives, and Deliverables for Pen Testing Engagements
Scoping Technical Aspects of the Engagement Concepts: Network scope. IP addresses, device types, vulnerability testing. Timing. Privilege escalation. Active vs. Passive testing (scanning, enumeration, exploitation and exfiltration)
How to navigate cloud providers, managed security service providers and ISPs when pen testing customer networks
You’ll learn how to structure an executive summary and technical report as part of your final deliverables when closing out a paid penetration testing engagement with a customer
By the end of this course, you will know how to structure, plan and execute a success penetration testing engagement for paying customers.
Join me on this journey to learn how to define and deliver penetration tests with thePenetration Testing: Setting the Scope and Rules of Engagement course, at Pluralsight.