A penetration test , colloquially known as a pen test , pentest or ethical hacking , is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system. The process typically identifies the target systems and a particular goal, then reviews available information and undertakes various means to attain that goal. A penetration test target may be a white box which provides background and system information or black box which provides only basic or no information except the company name. A gray box penetration test is a combination of the two where limited knowledge of the target is shared with the auditor. Security issues that the penetration test uncovers should be reported to the system owner.
Learning Objectives. A penetration test, also known as a pen test, is a simulated cyber attack against your computer system to check for exploitable vulnerabilities. Pen testing can involve the attempted breaching of any number of application systems, e. Insights provided by the penetration test can be used to fine-tune your WAF security policies and patch detected vulnerabilities. Scanning The next step is to understand how the target application will respond to various intrusion attempts. This is typically done using:. Testers then try and exploit these vulnerabilities, typically by escalating privileges, stealing data, intercepting traffic, etc.
Information and Network Security Assessment and Testing
This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here. If you continue to browse this site without changing your cookie settings, you agree to this use. View Cookie Policy for full details. Rapid7 Insight is your home for SecOps, equipping you with the visibility, analytics, and automation you need to unite your teams and amplify efficiency.
To give you the best possible experience, this site uses cookies. Find out more on how we use cookies. Penetration Testing from Mandiant Consulting helps you strengthen your security for those assets by pinpointing vulnerabilities and misconfigurations in your security systems. Our deep knowledge of advanced persistent threat APT attacker behavior can help you:.