Penetration testing (pen testing) is a deliberate procedure to test an IT infrastructure and discover if it has security vulnerabilities. These weaknesses can take the form of software bugs, badly configured hardware and software, and end-user behaviors that compromise security.

Staging a penetration test (pen test) takes careful and methodical planning. It involves careful study of the computer systems, employs automated scanning tools to uncover vulnerabilities, and then verifies and validates the results. All these, of course, while disrupting business operations as little as possible. The information is the basis for a report that can help improve security.

Penetration testing can be compared to a fire drill. It simulates the threat to assess how people will react. Any issues during the drill are noted and addressed.

Other interesting terms…