Penetration Testing

 

Penetration Testing is an evaluation methodology whereby ethical hackers search for vulnerabilities within technology systems and attempt to circumvent the security features of a network and/or information system. This is also known as a “pen test”.

It is a process to identify security vulnerabilities within an application or computing system by evaluating these things with a variety of malicious techniques. Vulnerable system or application areas are identified through this process of authorized simulated attack. The primary purpose of executing this type of testing on a system is simulate outsider hackers and identify vulnerabilities in systems that could lead to unauthorized access by ethical hackers before real-world hackers take advantage of those vulnerabilities.

Related Term: Vulnerability Assessment

Source: NCSD Glossary, CNSSI 4009, NIST SP 800-53 Rev 4

If you would like to learn more about this topic, watch this short video:

CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like: 

• CyberHoot’s Blog
• Cybrary (Cyber Library)
• Infographics by CyberHoot
• CyberHoot’s Monthly Newsletters
• CyberHoot Press Releases
• CyberHoot Platform Instructional Videos (HowTo) – very helpful for our Super Users!

Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’. Sign up for the monthly newsletter to help CyberHoot with its mission of making the world ‘More Aware and More Secure!’