The Licensed Penetration Tester (LPT) is at the pinnacle of conducting vulnerability assessments, and few individuals actually meet the rigorous standards required to become a LPT. This is another internationally recognised qualification, and prerequisites for LPT are both CEH and ECSA qualifications.

An important distinction also needs to be made. Most qualifications in the security industry are certifications, but the qualified LPT hold a license, just like "007" who is "Licensed to Kill". The license means that the LPT must act within closely defined guidelines, as laid down by the awarding body, and follow a strict code of ethics.

Whereas hacking involves creativity and thinking "out-of-the-box", then standard vulnerability testing and security audits cannot guarantee the security proofing of an organization. In order to adequately protect their information assets, organisations must adopt a "defence in depth" approach; in other words, they must penetrate their networks and assess the security posture for vulnerabilities and exposure.

Licensed Penetration Testers acquire advanced uses of available methodologies, tools and techniques required to perform comprehensive information security tests. LPTs can design, secure and test networks to protect organisations from the threats hackers and crackers pose. Once a security problem has been identified, recommendations are then made to avoid and eliminate them.

Vulnerabilities exist throughout the organisation, and the objective of a penetration test is to assess these vulnerabilities, then offer remedial steps to eliminate them. The list below provides some examples of areas where a security assessment may identify areas of risk to your organisation.

Examples of vulnerability assessments carried out by a Licensed Penetration Tester include:
Internal Network Penetration Testing Router Penetration Testing Firewall Penetration Testing Password Cracking Penetration Testing Stolen Laptop Penetration Testing Physical Security Penetration Testing VoIP Penetration Testing	IDS Penetration Testing Wireless Network Penetration Testing Denial of Service Penetration Testing Social Engineering Penetration Testing Application Penetration Testing Database Penetration Testing VPN Penetration Testing

At the conclusion of a penetration test, in recognition of the audit carried out, the Licensed Penetration Tester may award one or more of the following logos.

CVSI offers the services of a Licensed Penetration Tester, holding credentials awarded by EC-Council, and internationally recognised.