Pen Testing - Moving from Art to Science

Presented at Notacon 8 (2011), April 16, 2011, 7 p.m. (60 minutes)

Pen Testing has evolved greatly over the years, but it is still more an art than a science. Tests performed by different professionals often yield wildly varied results. Even the same person or team repeating the same test can end up with different outcomes. This inconsistency can cause a mess, and it limits the value that can be derived from a Pen Test. To move our field forward, we need to be able to produce measurable and consistent results. This talk will cover the art of Pen Testing and suggest a line we can draw to move this art form into the 21st century as a science.


  • Matthew Neely
    Matt Neely is the Profiling Team Manager at SecureState where he leads a team that performs traditional and physical penetration tests, web application security reviews and wireless security assessments. Matt is a host on the Security Justice podcast, and spends his free time wearing kilts, hacking all things wireless and collecting pens.


