This document discusses security testing best practices and guidelines. It recommends obtaining authorization through a statement of work before conducting security tests. It also recommends familiarity with the Open Source Security Testing Methodology Manual (OSSTMM) for testing best practices. The document notes some legal issues to be aware of regarding computer abuse laws and restrictions on public scanning.