By: Hugh Shepherd
April 10, 2020
Penetration Testing Execution Standard (PTES)
By: Hugh Shepherd
April 10, 2020
Cybrary’s course on the Penetration Testing Execution Standard (PTES) is an outstanding training offering. This course covers all phases of the PTES in detail and shows how they’re applied in real-world situations. If you’re a business owner that utilizes penetration testing (pentest), a provider of pentest services, or someone just interested in ethical hacking (i.e., penetration testing), I highly recommend this course. PTES provides a great foundation of best practices and methodologies that can be used when performing a penetration test.
This is an intermediate level course that provides a little over 13 hours of instruction (13 CEU/CPE). This is a great course for both non-technical and technical people. However, having knowledge and understanding of basic technical and security testing terminology is recommended. After completing this course, students should have gained an understanding of the activities that support the seven core areas of PTES and how to apply them in a real-world penetration testing engagement.
Developed in 2009 by a group of infosec practitioners, the Penetration Testing Execution Standard (PTES) addresses the need for a complete penetration testing standard. Additionally, the founders of PTES wanted to provide a common language and scope for the conduction of these types of activities. The Penetration Testing Execution Standard (PTES) comprises seven phases covering the entire penetration testing process. The intended users of PTES are business leaders that value penetration testing standards within their organizations and the security professionals that conduct penetration testing services. Ultimately, the standard provides a deeper understanding of all the phases of PTES and how it can be utilized by businesses and providers alike.
Cybrary’s PTES course is organized into seven main sections covering each phase of the standard in detail. Just like the standard itself, the course modules cover the following topics:
- Pre-engagement Interactions
- Intelligence Gathering
- Threat Modeling
- Vulnerability Analysis
- Post Exploitation
Through a series of lectures, real world-examples, professional insights, and by sharing his own experiences, the instructor covers each module in extensive detail. Furthermore, each module contains reasonably challenging learning checks that help to reinforce the topic covered during each session.
Personally, I think this course is outstanding. I found the lectures to be extremely informative, very interesting, and easy to follow. Some people may find training courses on technical standards and frameworks to be dry and boring stuff, but for me this was not the case with the PTES course. I was never bored; It held my interest from beginning to end. Also, I found the pace and tone of the instructor’s delivery to be very conducive to learning, which in my experience is quite an accomplishment for what could be a very dry and exhausting topic to cover. I have years of experience in information technology and cyber security; however my penetration testing experience is limited. Nevertheless, after completing Cybrary’s PTES course, I feel confident in the knowledge I have gained on penetration testing.
This course may help you prepare for certification by:
- Learning one of the most complete penetration testing methodologies in the market.
- Learning best practices and methodologies for conducting penetration testing.
- Learning a standard approach to conducting penetration testing / ethical hacking.
Cybrary offers numerous other learning resources related to penetration testing and ethical hacking.