Penetration Testing
An authorized simulated cyberattack on a system to evaluate its security posture and find vulnerabilities.
Also: pen test · pentest
Definition
Penetration testing (pen testing) is an authorized, simulated cyberattack performed on a computer system, network, or web application to identify security vulnerabilities that an attacker could exploit. Pen testers use the same tools and techniques as malicious hackers but with explicit permission. Testing phases include reconnaissance, scanning, exploitation, post-exploitation, and reporting. Results help organizations prioritize and remediate security weaknesses before real attackers find them.
Example
“A financial institution hires a security firm to conduct a penetration test, discovering that their web application has an SQL injection vulnerability before attackers do.”
Synonyms
- ethical hacking
- security testing
- offensive security assessment
- pen testing
Antonyms / Opposites
- passive monitoring
- defensive security
Related Terms
- ethical-hacking
- vulnerability-assessment
- red-team
- cvss
