Penetration Testing and Vulnerability Analysis

Identify Vulnerabilities Through Strategic Penetration Testing

Download Brochure

Get Your Brochure

Course Dates

STARTS ON

April 30, 2024

Course Duration

DURATION

8 weeks, online
8–10 hours per week

Course Fee
Course Fee

For Your Team

Enroll your team and learn with your peers

Learn More

Overview

Learn skills to locate vulnerabilities, penetrate systems, and resolve flaws to improve the digital security of your organization

Finding your organization’s security weaknesses before cybercriminals can exploit them is critical to safeguarding your organization’s data, your customers, and your reputation. Penetration testing enables you to proactively validate the security of your systems, applications, and networks by defending against vulnerabilities and warding off potential attacks.

This program provides a comprehensive introduction to penetration testing and vulnerability analysis through a hands-on approach. You’ll get firsthand experience performing a complete penetration test from start to finish and learn to locate vulnerabilities, resolve flaws, and safeguard your organization from external threats.

7.5%

The global penetration testing and vulnerability assessment market is forecasted to grow at a rate of 7.5% from USD 13.34 billion in 2019 to USD 23.56 billion in 2027.

16%

The number of professionals working in penetration testing and vulnerability assessment has grown 16% globally, year over year.

94,861

Between August 2020 and August 2021, there were 94,861 job postings seeking penetration testing and vulnerability assessment skills

IMPACT

Upon completion of the program, you will be equipped with:

  • The knowledge and skills to locate vulnerabilities, penetrate systems, and resolve flaws to improve the digital security of your organization
  • An understanding of how the attack chain works for common web vulnerability categories
  • The ability to complete all of the steps of penetration testing, from set-up to post-test, and to communicate related findings to stakeholders
  • The expertise to use penetration testing strategically to improve the security life cycle within your organization

Who Is This Program For?

This program was designed to provide hands-on experience in penetration testing in the high-demand field of offensive cybersecurity. It is ideal for:

  • Early-career professionals with an interest in cybersecurity, including IT professionals, network engineers, system administrators, and even non-IT professionals looking to understand offensive cybersecurity
  • IT and engineering managers seeking to improve their organizations' preparedness and response to cyberattacks
  • Early- to mid-career cybersecurity professionals aiming to advance in their career path by gaining a deeper understanding of offensive cybersecurity tools and techniques

The program may also be of interest to managers looking to develop their understanding of the intricacies of penetration testing and learning to communicate more effectively on the topic. The program is also an elective course in NYU Tandon's Chief Security Officer Program.

Prerequisites:
Some prior coding and Python programming knowledge is helpful but is not required.

Hardware requirements:
AMD or Intel chip, 12 GB RAM, supports Virtualbox

Program Highlights

Magnifying Glass

The Penetration Testing and Vulnerability Analysis program includes a capstone project where participants are guided through the end-to-end penetration testing process and receive personalized feedback from course leaders.

3 human icons in a circle joined

Discussions on penetration testing activities will be used to deepen your understanding and maintain relevance (emerging topics or time-sensitive stories can be addressed during discussions).

Document & Magnifying glass

All steps of penetration testing will be performed, from set-up to post-test.

Program Syllabus

Participate in a hands-on exploration of the world of penetration testing and vulnerability analysis, beginning with a comprehensive introduction to the process and ending with the completion of a detailed penetration testing report.

Module 1:

Introduction to Penetration Testing

Get an introduction to penetration testing and the value it brings to an organization.

Module 3:

Information Gathering, Reconnaissance, and Discovery

Identify reconnaissance and attack surface enumeration for different types of penetration testing.

Module 5:

Attacks and Exploits

Learn how to use exploitation during a penetration test.

Module 7:

Web Application Exploitation

Identify vulnerabilities through static code analysis, dynamic application testing, and reconnaissance and enumeration.

Module 2:

Penetration Testing Preparation and Process

Learn how to pen test with authorization and the rules of engagement for pen testing.

Module 4:

Network and Vulnerability Scanning

Understand how scanning fits into a pen test as well as the purpose of scanning tools and how they achieve their goals.

Module 6:

Web Application Testing

Explore how http works, including methods and server responses.

Module 8:

Post Exploitation

Identify steps to take post-exploitation and how to solve common exploitation issues.

Module 1:

Introduction to Penetration Testing

Get an introduction to penetration testing and the value it brings to an organization.

Module 2:

Penetration Testing Preparation and Process

Learn how to pen test with authorization and the rules of engagement for pen testing.

Module 3:

Information Gathering, Reconnaissance, and Discovery

Identify reconnaissance and attack surface enumeration for different types of penetration testing.

Module 4:

Network and Vulnerability Scanning

Understand how scanning fits into a pen test as well as the purpose of scanning tools and how they achieve their goals.

Module 5:

Attacks and Exploits

Learn how to use exploitation during a penetration test.

Module 6:

Web Application Testing

Explore how http works, including methods and server responses.

Module 7:

Web Application Exploitation

Identify vulnerabilities through static code analysis, dynamic application testing, and reconnaissance and enumeration.

Module 8:

Post Exploitation

Identify steps to take post-exploitation and how to solve common exploitation issues.

CAPSTONE PROJECT: EXPERIENCE THE FULL SCOPE OF PENETRATION TESTING

Practical Application Project

The Penetration Testing and Vulnerability Analysis program includes a capstone project where participants are guided through the end-to-end penetration testing process and receive personalized feedback from course leaders. Here’s a summary of what the project entails:

Modules 1–4: Proposal:

Write and submit a proposal for a penetration test and receive feedback from course leaders.

Modules 5–8: Testing and Reporting:

  • Complete a penetration test, from set-up to post-exploitation actions.
  • Compile a penetration test report and receive feedback from course leaders.

Program Faculty

Faculty Member Peter Klabe

Peter Klabe

Adjunct Professor, NYU Tandon School of Engineering

Professor Peter Klabe is a Principal Security Engineer with 14 years of experience and has been at New York University since 2017. His full-time job is as a Product Security and Privacy Principal Engineer with Comcast in Philadelphia, where he implements and oversees technical security assessments, threat modeling, incident response, and vulnerability management of residential hardware products, mobile apps, and the software services that support Xfinity Home, xFi, and the Xfinity App... More info

GUEST SPEAKERS

Abhishek Ramchandran

Penetration Testing Team Lead Siemens Technology USA

Abhishek Ramchandran is an ethical hacker and cybersecurity researcher with seven years of collective experience in the topic areas of web application and network security testing, network security testing, red team engagements, Operation Technology (OT) security testing, and social engineering.

He currently leads a team of offensive security researchers at Siemens Technology USA with a focus on hacking products, services, and software at Siemens. His current research is focused on hacking critical infrastructure and industrial control systems (ICS).

Abhishek earned a master’s degree in Cybersecurity from New York University. Outside of work, Abhishek has instructed some K-12 STEM courses focused on cybersecurity topics such as Cryptography, Programming with Python, Steganography, Social Engineering, Lock Picking, and Wi-Fi Hacking.

Gilles Biagomba

Senior Software Security Engineer, Comcast

Gilles Biagomba is a security engineer with seven years of experience in domains including web application security testing, vulnerability assessment, and network penetration testing. Gilles is consistently recognized for outstanding cybersecurity skills by peers and senior leaders and is skilled in customer relations, business requirement gathering, and threat modeling.

CERTIFICATE

Example image of certificate that will be awarded after successful completion of this program

CERTIFICATE

Upon successful completion of the program, participants will be awarded a verified digital certificate from NYU Tandon.

FAQs

  • How do I know if this program is right for me?

    After reviewing the information on the program landing page, we recommend you submit the short form above to gain access to the program brochure, which includes more in-depth information. If you still have questions on whether this program is a good fit for you, please email learner.success@emeritus.org, and a dedicated program advisor will follow-up with you very shortly.


    Are there any prerequisites for this program?

    Some programs do have prerequisites, particularly the more technical ones. This information will be noted on the program landing page, as well as in the program brochure. If you are uncertain about program prerequisites and your capabilities, please email us at the ID mentioned above.


    Note that, unless otherwise stated on the program web page, all programs are taught in English and proficiency in English is required.


    What is the typical class profile?

    More than 50 percent of our participants are from outside the United States. Class profiles vary from one cohort to the next, but, generally, our online certificates draw a highly diverse audience in terms of professional experience, industry, and geography — leading to a very rich peer learning and networking experience.


    What other dates will this program be offered in the future?

    Check back to this program web page or email us to inquire if future program dates or the timeline for future offerings have been confirmed yet.

  • How much time is required each week?

    Each program includes an estimated learner effort per week. This is referenced at the top of the program landing page under the Duration section, as well as in the program brochure, which you can obtain by submitting the short form at the top of this web page.


    How will my time be spent?

    We have designed this program to fit into your current working life as efficiently as possible. Time will be spent among a variety of activities including:



    • Engaging with recorded video lectures from faculty
    • Attending webinars and office hours, as per the specific program schedule
    • Reading or engaging with examples of core topics
    • Completing knowledge checks/quizzes and required activities
    • Engaging in moderated discussion groups with your peers
    • Completing your final project, if required

    The program is designed to be highly interactive while also allowing time for self-reflection and to demonstrate an understanding of the core topics through various active learning exercises. Please email us if you need further clarification on program activities.


    What is it like to learn online with the learning collaborator, Emeritus?

    More than 300,000 learners across 200 countries have chosen to advance their skills with Emeritus and its educational learning partners. In fact, 90 percent of the respondents of a recent survey across all our programs said that their learning outcomes were met or exceeded.

    All the contents of the course would be made available to students at the commencement of the course. However, to ensure the program delivers the desired learning outcomes the students may appoint Emeritus to manage the delivery of the program in a cohort-based manner the cost of which is already included in the overall course fee of the course.

    A dedicated program support team is available 24/5 (Monday to Friday) to answer questions about the learning platform, technical issues, or anything else that may affect your learning experience.


    How do I interact with other program participants?

    Peer learning adds substantially to the overall learning experience and is an important part of the program. You can connect and communicate with other participants through our learning platform.

  • What are the requirements to earn the certificate?

    Each program includes an estimated learner effort per week, so you can gauge what will be required before you enroll. This is referenced at the top of the program landing page under the Duration section, as well as in the program brochure, which you can obtain by submitting the short form at the top of this web page. All programs are designed to fit into your working life.

    This program is scored as a pass or no-pass; participants must complete the required activities to pass and obtain the certificate of completion. Some programs include a final project submission or other assignments to obtain passing status. This information will be noted in the program brochure. Please email us if you need further clarification on any specific program requirements.


    What type of certificate will I receive?

    Upon successful completion of the program, you will receive a smart digital certificate. The smart digital certificate can be shared with friends, family, schools, or potential employers. You can use it on your cover letter, resume, and/or display it on your LinkedIn profile.
    The digital certificate will be sent approximately two weeks after the program, once grading is complete.


    Can I get the hard copy of the certificate?

    No, only verified digital certificates will be issued upon successful completion. This allows you to share your credentials on social platforms such as LinkedIn, Facebook, and Twitter.


    Do I receive alumni status after completing this program?

    No, there is no alumni status granted for this program. In some cases, there are credits that count toward a higher level of certification. This information will be clearly noted in the program brochure.


    How long will I have access to the learning materials?

    You will have access to the online learning platform and all the videos and program materials for 12 months following the program start date. Access to the learning platform is restricted to registered participants per the terms of agreement.

  • What equipment or technical requirements are there for this program?

    Participants will need the latest version of their preferred browser to access the learning platform. In addition, Microsoft Office and a PDF viewer are required to access documents, spreadsheets, presentations, PDF files, and transcripts.


    Do I need to be online to access the program content?

    Yes, the learning platform is accessed via the internet, and video content is not available for download. However, you can download files of video transcripts, assignment templates, readings, etc. For maximum flexibility, you can access program content from a desktop, laptop, tablet, or mobile device.

    Video lectures must be streamed via the internet, and any livestream webinars and office hours will require an internet connection. However, these sessions are always recorded, so you may view them later.

  • Can I still register if the registration deadline has passed?

    Yes, you can register up until seven days past the published start date of the program without missing any of the core program material or learnings.


    What is the program fee, and what forms of payment do you accept?

    The program fee is noted at the top of this program web page and usually referenced in the program brochure as well.

    • Flexible payment options are available (see details below as well as at the top of this program web page next to FEE).
    • Tuition assistance is available for participants who qualify. Please email learner.success@emeritus.org.

    What if I don’t have a credit card? Is there another method of payment accepted?

    Yes, you can do the bank remittance in the program currency via wire transfer or debit card. Please contact your program advisor, or email us for details.


    I was not able to use the discount code provided. Can you help?

    Yes! Please email us with the details of the program you are interested in, and we will assist you.


    How can I obtain an invoice for payment?

    Please email us your invoicing requirements and the specific program you’re interested in enrolling in.


    Is there an option to make flexible payments for this program?

    Yes, the flexible payment option allows a participant to pay the program fee in installments. This option is made available on the payment page and should be selected before submitting the payment.


    How can I obtain a W9 form?

    Please connect with us via email for assistance.


    Who will be collecting the payment for the program?

    Emeritus collects all program payments, provides learner enrollment and program support, and manages learning platform services.

  • What is the program refund and deferral policy?

    For the program refund and deferral policy, please click the link here.

Didn't find what you were looking for? Write to us at learner.success@emeritus.org or Schedule a call with one of our Academic Advisors or call us at +1 680 205 8507 (US) / +44 145 370 2595 (UK) / +65 3163 6129  (SG)

Apply Now

Early registrations are encouraged. Seats fill up quickly!

Flexible payment options available. Learn more.