Please tell us about yourself

20% of survey complete.
This survey is a joint effort between The SANS Institute (, GIAC (The Global Information Assurance Certification Program, and WASC (The Web Application Security Consortium, Our goal is to gather feedback regarding typical job tasks of a web application penetration tester. The questions you will answer relate to the job task focus of a web application penetration tester. We define this role as anyone tasked with the job of testing web applications on security aspects. We consider job titles of senior QA analysts, security consultants, security testing analyst and some technical auditors as fitting in this category.
The content in this survey is broken down into three categories:

1. Web Application Fundamentals
2. Pen Testing Concepts
3. Security Solutions Domain

At the end of each section you have the option to suggest additional topics related to each category that have been omitted or overlooked.

* How many years of web application design/testing experience do you have?

* What is your level of formal education?

* How many IT Security or IT related certifications do you hold?

* Would you be willing to answer follow up questions via email?

* (Optional) Tell us who you are you, first and last name.