Operations security or OPSEC is a topic of security method for helping with the penetration testing workflow. In this course, OPSEC for Penetration Testers, you'll follow the story of a penetration tester that will test the security of a website. In each of the engagement phases, (pre-engagement, the penetration test itself, and post-engagement) the types of data and corresponding risks will be discussed. This includes communication with the stakeholders, a typical pen testers' work environment, as well as the tools being used. Throughout the course, the topics will cover the major scenarios penetration testers face in the real world. By the end of this course, you'll have an understanding of how OPSEC can fit into the penetration testing workflow.
- OPSEC and the Penetration Testing Workflow
- Setting up a Secure Penetration Testing Environment
- Identifying and Mitigating Risks While Testing
- Wrapping up Penetration Testing Engagements Securely
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.