Section: IT & Technology · Cybersecurity
Difficulty: Medium

Penetration Testing

US: /ˌpɛnəˈtreɪʃən ˈtɛstɪŋ/

An authorized simulated cyberattack on a system to evaluate its security posture and find vulnerabilities.

Also: pen test · pentest

Definition

Penetration testing (pen testing) is an authorized, simulated cyberattack performed on a computer system, network, or web application to identify security vulnerabilities that an attacker could exploit. Pen testers use the same tools and techniques as malicious hackers but with explicit permission. Testing phases include reconnaissance, scanning, exploitation, post-exploitation, and reporting. Results help organizations prioritize and remediate security weaknesses before real attackers find them.

Example

A financial institution hires a security firm to conduct a penetration test, which discovers that its web application has an SQL injection vulnerability before attackers do.

Usage Examples

  1. The team applied penetration testing best practices to improve their cybersecurity outcomes significantly.

  2. Understanding penetration testing is essential for anyone building a career in IT & Technology.

When & How to Use

Use 'Penetration Testing' in Cybersecurity contexts to refer to an authorized, simulated cyberattack performed on a computer system, network, or web application to identify security vulnerabilities that an attacker could exploit.

  • Applying penetration testing principles during a cybersecurity project or initiative
  • Explaining penetration testing to a junior team member or stakeholder unfamiliar with IT & Technology
  • Evaluating options or proposals using penetration testing as a decision-making criterion

Etymology & Origin

The term 'Penetration Testing' derives from Latin roots and entered IT & Technology professional usage as the field formalised in the 20th century.

History & Evolution

The concept of penetration testing has evolved alongside IT & Technology. Early practitioners relied on informal methods; structured approaches emerged with the professionalisation of cybersecurity in the mid-20th century. Today, penetration testing is a standard part of IT & Technology practice globally.

Synonyms

  • ethical hacking
  • security testing
  • offensive security assessment
  • pen testing

Antonyms / Opposites

  • passive monitoring
  • defensive security
