next up previous contents
Next: The process of Pen-Testing Up: Pen-Tester : The job Previous: Presentation   Contents

Integration into the IT scheme

Figure 1: Enterprise Scheme Example
\begin{figure}\begin{center}
\resizebox{16cm}{!}{\psfig{file=scheme1.eps}}
\end{center}
\end{figure}

The main IT jobs can be summed up as follows (See Figure 1) :

Of course the organization presented in Figure 1 is general, simplified and can vary a lot depending on the company's size and needs. It's just meant to give a general idea of what it can look like. Specialized tasks like Web development or even technical support can be let to an external corporation. That's what happens most of the time for pen-testing in fact.

Moreover, if pen-testers are to be included in the company organisation structure, they are to be part of the Network Administration Department. However their work is very specific and corporations suffer from the lack of qualified personnel. So as a result pen-testing is usually taken care of by external companies or well-known groups of hackers. That makes the job of the pen-tester look even more eccentric as it is not integrated into the normal IT scheme. [7, Pen-Testing : Should you do it ?]

To sum up, their scarceness forces them to join IT security companies or form specialised teams (if they manage to get famous enough).


next up previous contents
Next: The process of Pen-Testing Up: Pen-Tester : The job Previous: Presentation   Contents
Christian Vincenot 2004-04-12