Glossary

Penetration Testing

Penetration testing is a way for companies to check their networks, systems, applications, and infrastructure for possible security vulnerabilities. A penetration testing team uses similar tools and techniques to those used by criminals and hackers to attempt to gain access to a corporation’s technology. They will then report back on gaps in security so that risks and issues can be resolved.

Terms related to Penetration Testing: Criminal, hacker, cyberattack, attack vector, vulnerability, exploit, backdoor, social engineering, phishing, penetration testing, antivirus, firewalls, security monitoring.

Penetration testing is designed to find weaknesses in a business’s computer networks, systems, and other technology. It duplicates the sophisticated techniques that criminals use to access a business and steal their data or cause other disruption.

Penetration testing is uniquely designed for a specific organization’s IT ecosystem and security, including infrastructure, applications, and technological defenses.

Penetration testing uses several approaches including targeted attacks that attempt to break through IT security. It simulates a real-life attack by hackers and adapts according to defenses. It tries to exploit multiple attack vectors, including unpatched vulnerabilities, known exploits, and social engineering. Penetration testers use a combination of hacks, scripts, software, and other techniques to try and compromise computer networks.

Vulnerability scanning and penetration testing are often used together. Vulnerability scanning uses software tools to identify known and potential exploits, while penetration testing uses that and other knowledge and techniques to get into a corporation’s network and sensitive systems.

Penetration testing is often used by organizations that already have a strong, mature, and established approach to IT security. It’s designed to test for gaps that the security team may have missed with their own testing, and the information it provides allows for proactive protection against real-world threats.

Penetration Testing from Crossmatch