This four-day training builds the capability to lead or participate in professional penetration tests by combining hands-on technical techniques with the planning and management skills required to run engagements effectively. Participants develop the core technical foundation needed to conduct infrastructure, web application, mobile, social engineering, and physical security testing, while learning how to plan tests, define risk-based scope, manage time and resources, and produce high-quality reporting and follow-up. The course is designed to be practically applicable to modern penetration testing work and focuses on current tools and techniques.
Upcoming dates you can join soon.
This course runs multiple times per year, onsite and online.
Define clear, risk-based scope and rules of engagement that protect business operations
Run infrastructure, web, mobile, social engineering, and physical security testing in a structured way
Select and use appropriate tools and techniques to execute efficient testing
Produce reports that translate findings into prioritized remediation actions
Scale an engagement by managing time, resources, and stakeholder expectations
“Henri perfectly filled in the gaps in our knowledge and tailored the course contents to our difficult schedules, many thanks !”
Simon Baynes
BCMS manager
MSC MEDITERRANEAN SHIPPING COMPANY SA
“Henri and Alexis conducted a focused, intensive four-day ISO/IEC 27001 Lead Implementer Course of immediate relevance to The Global Fund. Participants representing both IT and Risk are now better prepared to design and operationise a corporate ISMS.”
Andreas Tamberg
Senior advisors enterprise risk management
The Global Fund
“Overall enjoyable training. To the point end trainer kept clear focused.”
Stephane Di Bari
Service operations manager
UNICC
Get instant answers to common questions about this course from our expert trainers.
You will be able to plan, scope, execute, and report a professional penetration test across common testing areas while managing time, resources, and stakeholders.
“A professional pen test is measured by outcomes: safe execution, credible evidence, and actionable remediation.”
Expert Trainer
Risk-based scoping prioritizes the assets and attack paths with the highest potential impact and defines clear rules of engagement to test them safely and legally.
“Scope is the control plane of a penetration test: it determines value, safety, and credibility.”
Expert Trainer
Penetration testing is best when you need to validate exploitability and real attack paths, while scanning is best for broad, continuous coverage of known issues.
“Scanning finds what might be vulnerable; penetration testing proves what can be compromised and how.”
Expert Trainer
Actionable reporting connects evidence to impact, prioritizes fixes, and provides clear remediation guidance aligned with ownership and timelines.
“The best report is one that engineering can fix without a meeting.”
Expert Trainer
It is best for professionals who will lead or contribute to real penetration tests, while those without basic security foundations may benefit from preparatory learning first.
“Role fit matters: the course is built for people who will run or govern real-world pen tests.”
Expert Trainer
Browse every upcoming session for this course.
Quick navigation to course sections
Necessary cookies are always active. You can accept, reject non-essential cookies, or customize your preferences.