next up previous contents
Next: Bibliography Up: The Job of the Previous: Laws   Contents

Conclusion

To conclude, I'd say that Pen-Tester is a peculiar security-related job, as shown throughout this report, and even if there are threats affecting this job, they all can be overcome. So it is ovious that this profession will gain in importance in the future. I will finish with a cheerfull quote from Ivan Arce, Chief Technical Officer at Core Security Technologies [19, Ivan Arce] :

For the last three decades, penetration testing has been perceived as an obscure and almost magical discipline usually performed by highly skilled and very secretive professionals within the information security community. To date, these professionals have rarely discussed their techniques and daily activities in a public forum.

This veil of secrecy surrounding penetration testing (also known as pen-testing) has made it challenging for organizations to comprehend exactly what it is and what it is used for. I feel pen-testing is the most accurate and effective way to adopt the role of an attacker in order to identify and understand information security risks. It is simply a must-have practice if you are serious about security. While pen-testing has not yet been widely adopted, we are now seeing more and more individuals and organizations embracing the practice for a myriad of reasons, including: new regulatory requirements, new business opportunities, unfulfilled risk management promises, organizational information security due diligence or simply professional, academic and research interest.


next up previous contents
Next: Bibliography Up: The Job of the Previous: Laws   Contents
Christian Vincenot 2004-04-12