From the course: Dynamic Application Security Testing


Penetration testing execution standard


- [Instructor] The Penetration Testing Execution Standard, or PTES, provides expert guidance on how to conduct a penetration test from pre-engagement to reporting. By using the PTES as a model for planning your own application security test, it's like you're standing on the shoulders of giants. The PTES outlines seven phases that you should consider when planning any penetration test: pre-engagement interactions, intelligence gathering, threat modeling, vulnerability analysis, exploitation, post-exploitation, and reporting. Think of the PTES as a funnel, with the earlier phases at the top of the funnel and the later phases at the bottom. This is how pen testers allot their time during an engagement. Intelligence gathering occurs at the top of the funnel, and it's where you're likely to spend most of your time during a pen test. As you move from one phase to the next, your testing activities will be more and more focused. In…
