Standardisation in Penetration Testing and Vulnerability Assessment: Market Analysis and Recommendations presented at BSidesUK 2015

by Thom Langford, William Knowles


Summary: Lancaster University and the British Standards Institution (BSI) have undertaken market research of the penetration testing industry to determine the requirement for future standardisation. This involved interviews with 54 stakeholders, drawn from penetration testing providers, clients, and industry bodies (including CESG, BSI, BIS, Tigerscheme, IASME and QG). Recommendations for standardisation, best practices, and opportunities for improvement will be discussed.