Penetration Testing Execution Standard
PTES pentest methodology 7 phases.
Definition
PTES provides detailed guidelines per phase and level (Tier 1 SMB, Tier 2 Enterprise, Tier 3 Government / Critical). Technical Guidelines cover tools, methods, evidence collection. Reporting standardizes executive + technical sections. Complementary to NIST SP 800-115, OSSTMM, OWASP Web Security Testing Guide.
Origin
PTES Working Group (Chris Nickerson, Dave Kennedy, Iftach Ian Amit, Joshua Wright + 100+ contributors), v1 2010.
Usage
Reference for pentest providers (Offensive Security, Bishop Fox, NCC Group, Trustwave, Rapid7).
Related terms
- OSSTMM — standard concurrent.
- NIST SP 800-115 — standard NIST.
- OWASP WSTG — guide web.