In 396 B.C., newly appointed dictator of Rome Marcus Furius Camillus took command of the army besieging the walled city of Veii. The city was strongly fortified and well provisioned, but after arriving at the Roman camp and taking stock of the situation, Camillus realized that Veii's extensive network of sewers presented a vulnerability he could exploit.
Camillus ordered periodic frontal attacks on the city to keep the Veiites occupied, but quickly set to work on his true objective. The Roman soldiers dug a tunnel beneath the walls of Veii and breached the sewers, eventually making it a possible for a company of soldiers to slip up into the streets of the city and open its gates to the waiting Roman army.
People don't tend to worry as much about defending (or attacking) walled cities in 2017, but that doesn't mean that we aren't still surrounded by battle lines — the fighting just takes place in a digital nether realm that we can't see with our eyes. That's why effective cybersecurity is so important, and why penetration testing is one of the most important security specializations.
If done right, a penetration test can prevent the attacks you don't see coming. Instead of the digital equivalent of enemy soldiers popping up inside your city and opening the gates, effective penetration testing alerts you to the danger of the unprotected sewer system before malefactors discover it.
Tech industry association CompTIA has made a concerted effort to build up its portfolio of cybersecurity certifications in recent years, and now the CompTIA certification gurus are at it again. CompTIA is currently recruiting a team of subject matter experts (SMEs) to convene next month in Chicago and create a new certification exam.
As most readers have no doubt already guessed, CompTIA is preparing to launch a new penetration testing certification. No release date has been announced for the pending Penetration Tester+ exam and certification, but the development cycle is likely to hit a fever pitch Oct. 16-20 at CompTIA's world headquarters in the Chicago suburb of Downer's Grove, Ill.
If you are a penetration testing expert, however, then there's an opportunity for you to make some cash ($400/day) and pick up a few other perks (breakfast and lunch provided daily) while contributing to the birth of what is likely to become a major IT certification. Ever wanted to be in "the room where it happens?" This is your big chance.
CompTIA is restricting its invitation to "professionals currently working in the field of penetration testing and/or vulnerability management," and you have to apply and be approved in order to participate.
It also helps to be certified. In particular, CompTIA is seeking participation from individuals who hold either EC-Council's Certified Ethical Hacker (CEH) cert, or the Offensive Security Certified Professional (OSCP) credential offered by Offensive Security.