Jay Bavisi, CEO, EC-Council Group and Chairman of the Board, EC-Council University, will deliver the opening keynote address at the Forum of Incident Response and Security Teams (FIRST) Vegas Technical Colloquium, kicking off on December 5, 2017 at the Venetian Resort in Las Vegas, NV. Bavisi is expected to present on a key issue hindering the information security industry: the lack of testing models and useful certifications that verify real-world penetration testing skills. According to Jay Bavisi, “With the recent Equifax incident and the multitude of other data security breaches in recent years, the need for skilled, vetted penetration testers has increased for the world’s organizations.” However, there is an actual need for the continuous improvement of the measurement and validation of penetration testing skills so that the industry has a reliable pool of capable professionals to help defend their organizations from serious breaches.
Bavisi’s talk will touch on the lessons learned from the development of the Licensed Penetration Tester (Master) practical exam by EC-Council in the development of the knowledge, skills, and abilities crucial for penetration testers. The LPT (Master) is the capstone to EC-Council’s certification track and brings together the knowledge and skills taught in other EC-Council programs. While the Certified Ethical Hacker Program (CEH) program teaches students the fundamental knowledge they need, the EC-Council Certified Security Analyst (ECSA) Program requires that candidates demonstrate the skills based on the penetration testing framework methodology. The LPT (Master) exam certifies that an individual has and can apply pen testing skills before being a Licensed Penetration Tester.
The LPT (Master) certification is a part of EC-Council’s continuous effort to align the skills of penetration testers to the methods of an advanced attacker. The hands-on exam that students must pass to earn the certification offers a challenging environment previously unseen in the market. The exam simulates the complex network of a multinational organization and requires students to test its security before writing a full report.
To successfully pass the LPT (Master), candidates are given 18 hours to demonstrate an advanced understanding of testing modern infrastructures. The exam is broken into three levels and each level amounts to six hours of methodical thinking to overcome three strategically planned challenges. After the completion of each level, a thorough report must be submitted to test professionalism, a skill that every organization requires. Candidates must complete the first level to progress to the next level, while a minimum of five challenges out of nine must be completed to become an LPT (Master). Level 1 focuses on Web Application Exploitation, level 2 on Network Level Exploitations, and level 3 is composed of OS Level Exploitations.
Visit www.LPTMaster.com for more details.
ABOUT FIRST Technical Colloquia & Symposia
FIRST Technical Colloquia & Symposia provide a discussion forum for FIRST members (and non-members) and invited guests to share information about security operations, risk management, governance, legal and regulatory implications, vulnerabilities, incidents, tools, and all other issues that affect cybersecurity and incident response teams. The Las Vegas TC intends to have two major conference tracks running together in parallel. The presentations (including several panels) will cover a variety of subjects and industries. Both advanced and novice members of all cybersecurity and incident response teams are welcome to attend and strongly encouraged to submit presentations.
EC-Council has been the world’s leading information security certification body since the launch of their flagship program, Certified Ethical Hacker (CEH), which created the ethical hacking industry in 2002. Since the launch of CEH, EC-Council has added industry-leading programs to their portfolio to cover all aspects of information security including EC-Council Certified Security Analyst (ECSA), Computer Hacking Forensics Investigator (CHFI), Certified Chief Information Security Officer (CCISO), among others. EC-Council Foundation, the non-profit branch of EC-Council, created Global CyberLympics, the world’s first global hacking competition. EC-Council Foundation also hosts a suite of conferences across the US and around the world including Hacker Halted, Global CISO Forum, TakeDownCon, and CISO Summit.
For more information about EC-Council, please see https://www.eccouncil.org.