Penetration and vulnerability tester

The penetration and vulnerability tester role includes a variety of mid-level information security positions focused on conducting formal tests to break into and exploit computer systems.

What does a penetration tester do?

Penetration and vulnerability testers require a thorough understanding of pentesting methodologies and vulnerability assessments, as well as the ability to exploit systems and effectively communicate findings.

It is one of three mid-level, core cybersecurity roles mapped directly to the National Initiative for Cybersecurity Education’s CyberSeek model.

Start learning today

Certified Expert Penetration Tester (CEPT)
Learning Path
Certified Expert Penetration Tester (CEPT)

Certified Expert Penetration Tester (CEPT)

The Certified Expert Penetration Tester (CEPT) certification path teaches you advanced hacking tools and techniques. You'll learn how to successfully attack fully patched and hardened systems, how to circumvent common security controls, and how to defend your organization against advanced persistent threats.
Certified Mobile and Web App Penetration Tester (CMWAPT)
Learning Path
Certified Mobile and Web App Penetration Tester (CMWAPT)

Certified Mobile and Web App Penetration Tester (CMWAPT)

The Certified Mobile and Web App Penetration Tester (CMWAPT) certification path teaches you the skills, tools and techniques required for conducting comprehensive security tests of mobile and Web applications.

Cloud Pentesting
Learning Path
Cloud Pentesting

Cloud Pentesting

Learn the basics of penetration testing in the cloud.
CompTIA PenTest+
Learning Path
CompTIA PenTest+

CompTIA PenTest+

The CompTIA PenTest+ certification path teaches you how to successfully plan, carry out and report the results of a penetration test. You'll learn the process behind penetration testing, tools and techniques used by pentesters, legal and compliance issues and more.
EC-Council Certified Ethical Hacker (CEH)
Learning Path
EC-Council Certified Ethical Hacker (CEH)

EC-Council Certified Ethical Hacker (CEH)

The Certified Ethical Hacker (CEH) certification path teaches you the hacking skills necessary to successfully perform a penetration test. You’ll learn the techniques and tools used by cybercriminals and how to apply them to conduct security assessments and report your findings.
Ethical Hacking
Learning Path
Ethical Hacking

Ethical Hacking

The Ethical Hacking skill path helps you master a repeatable, documentable penetration testing methodology. You'll learn how to use the same techniques used by malicious hackers to carry out an ethical hack and assess your organization's vulnerabilities.
Machine Learning for Red Team Hackers
Learning Path
Machine Learning for Red Team Hackers

Machine Learning for Red Team Hackers

The Machine Learning for Red Team Hackers Learning Path covers various techniques related to hacking machine learning.
Mobile Application Pentesting
Learning Path
Mobile Application Pentesting

Mobile Application Pentesting

The Mobile Application Pentesting skill path teaches you how to discover and exploit vulnerabilities in mobile apps. You'll learn how to use popular penetration testing tools to perform an analysis of mobile applications, assess their weaknesses and better defend them from malicious attacks.
Offensive Bash Scripting
Learning Path
Offensive Bash Scripting

Offensive Bash Scripting

The Offensive Bash Scripting Learning Path is aimed at beginners and helps you learn one of the many fundamental skills of ethical hacking.
Python for Pentesters
Learning Path
Python for Pentesters

Python for Pentesters

This path is an in-depth look at Python for penetration testers. It begins with a Python refresher, before we move on to network penetration testing, Python hacking tools and using Python to attack web applications.

Web Application Pentesting
Learning Path
Web Application Pentesting

Web Application Pentesting

The web application penetration testing path will cover all of the essentials for those wanting to become a web app pentester. You'll learn how to ethically emulate real-world attacks in order to discover and responsibly disclose an organization's vulnerabilities.

Overview

Common job titles
  • Penetration tester
  • Senior penetration tester
  • Network relations consultant
  • Application security analyst
U.S. job openings
  • 13,753
Most-requested skills
  • Information security
  • Penetration testing
  • Linux
  • Python
  • Java
  • Vulnerability assessment
  • Information systems
  • Software development
  • Project management

Additional resources

Podcast: Getting started in red teaming and offensive security

Curtis Brazzell, managing security consultant at cybersecurity firm Pondurance, discusses the methodologies and day-to-day operations in Red Team operations.

Listen

Resource hub: The ultimate guide to penetration testing

Our penetration testing resource hub includes everything you need to know to get started in pentesting, including popular certifications, tools, best practices and salary data.

Read

Webinar: How to become a Certified Ethical Hacker (CEH)

Learn about the Certified Ethical Hacker (CEH), an certification that has become a foundation for careers in pentesting, vulnerability testing and other technical areas.

Watch

Award-winning training that you can trust

IDC MarketScape Leader: U.S. IT Training

IDC MarketScape Leader: U.S. IT Training

Infosec Skills

eLearning Content

eLearning Content

Infosec Skills

Best Product - Cybersecurity Training for Infosec Professionals

Best Product - Cybersecurity Training for Infosec Professionals

Infosec Skills

Security Education & Platform

Security Education & Platform

Infosec Skills

Ranked #52 in Top 100 Global Software Sellers

Ranked #52 in Top 100 Global Software Sellers

Infosec