LPT

  • Licensed Penetration Tester

  • Duration :

What is the Licensed Penetration Tester Program


The Licensed Penetration Tester exam is the capstone that encapsulates the entire information security track of EC-Council. While the Certified Ethical Hacker course teaches an individual what are the threat agents that can compromise the security posture of an organization and the EC-Council Security Analyst program provides a repeatable and documentable methodology that can be used by a security auditor while analyzing the security status of the organization, the Licensed Penetration Tester exam covers a completely different skill-set that is needed by every penetration tester – Report Writing.

Report Writing has been described by many as one of least preferred, yet arguably one of the most critical part of any penetration testing engagement.
While so many courses are offered globally to cover various subjects in the information security realm, hardly any are dedicated to this very important skill, especially almost half of all time spent at any penetration testing engagement can revolve around writing and reporting the core findings of the engagement to the client!
Explaining a highly technical finding in an elaborate penetration testing engagement to someone not technical like the CEO of a company, the senior management or even the board of directors can be very challenging…and frustrating at times!
This is exactly the science that formed the basis of the EC-Council LPT exam. Upon completion of the ECSA course, the candidate is ready to prove, via a rigorous, hands-on, real life scenario-based exam that requires the candidate to perform a penetration test of an imaginary organization which depicts a complex network of a real life multinational corporation. This shall be conducted on EC-Council’s cyber range and the candidates then have to report the findings to EC-Council via a written report.
Each participant is given merely 1 week to conduct a comprehensive penetration test and they are required to submit their findings within 30 days via a written report.
Each candidate’s report will be graded by an EC-Council accredited penetration tester, and upon approval of the candidate’s application, Licensed Penetration Tester credential will be awarded.

What is LPT Framework?


Screen Shot 2015-12-27 at 2.50.10 PM

How Does the LPT License help me in conducting pen tests?


The LPT licence provides assurance to your employer or prospective clients that you possess the ability to perform a methodological security assessment. It also helps you join the EC- Council’s elite Tiger Team, which provides you a platform to showcase your skills and earn real-world pen testing experience.

How is LPT framework different from other pen testing frameworks and standards?


Unlike other proprietary pen testing frameworks that are used only within a particular organization, EC-Council’s LPT framework is available to the public. The LPT framework was developed based on a thorough analysis of all the available frameworks and standards in the industry. The LPT is further bolstered by incorporating the strengths of other frameworks into one certification.

What is Tiger Team?


Tiger Team is an elite set of professionals who hold LPT credential that engage in Penetration Testing projects worldwide. Members of Tiger Team have high chances of participating in Penetration Testing assignments worldwide.
The list will be displayed on our website and will act as an endorsement of the professionals’ skills and ethics.

How can I join the Tiger Team?


Selected Certified Licensed Penetration Tester professionals will be invited in EC-Council’s elite Tiger Team. Police clearance / verification / background check/ legal agreements will be involved before joining the team.

How can I buy the LPT Framework?


You can access and use the LPT framework after registering for the ECSA/LPT program.

What is VampireTest?


VampireTest is a tool designed to be used by penetration testers to input penetration test data results. The program accepts various inputs and delivers a final, cohesive report of the data content.