Penetration Test Execution Standard Session
Friday, April 22, 11:10am - 12:00pm
Chris Nickerson, Iftach Ian Amit, Wim Remes, Stefan Friedli
PTES is a new standard designed to provide both businesses and security service providers with a common language and scope for performing penetration testing (i.e. Security evaluations). The industry has used the term “Penetration Test” in a variety of ways and meanings in the past. This has driven a large amount of confusion to what a “Penetration Test” is or isn’t. We aim to create a clear standard to measure “Penetration Testing” by and provide customers/consultants a guideline to how testing needs to be conducted. This will create maximum value to the client and insure they get repeatable and measurable QUALITY services.
What we are looking for out of this session:
-Gain help from people who understand the direction of the map and will be willing to document the methods used to carry out the tasks identified in the branches
-Take feedback and comments form the community on improvements
-Identify a timeline for the full standard creation
-Create teams to tackle writing our the formal standard
-Create tools to address the gaps identified during the creation of the Standard
-And most of all, put an end to the poorly defined term Penetration Test!
This panel will include some of the founders of the standard who will discuss how the standard is built and shaped by representatives from all segments of the industry. It will also include CISO/CSO representatives who will shed light on how this standard alters or reflects their business requirements.