Skip to main content
Penetration Testing

Penetration Testing

CYBERSECURITY DICTIONARY

Penetration Testing

Penetration Testing, sometimes called ethical hacking or shortened to pen test, is an authorized attack performed to evaluate a system or application in order to find exploitable vulnerabilities so they can be proactively remediated.  

There are many different types of pen tests including: 1) External which determines the security posture of the external (internet facing) network; 2) Internal which tests the controls of internal systems of the organization as if a hacker had bypassed the perimeter; 3) Application which tests applications for vulnerabilities; 4) Wireless network testing which evaluates whether popular wireless LAN infrastructure creates an opening for attackers to exploit; 5) Social engineering which can include sending phishing emails -- or impersonating other individuals on the phone or in person -- to gain access to restricted areas or systems; and 6) Physical testing which evaluates the physical security of an organization including door locks and badge/access controls.

Many of the tests above are often confined to a specific scope of systems or time period.  Another concept in pen testing that is gaining momentum is that of Red Teaming. In war games, the Red Team represents the aggressor whose job it is to test the capabilities of those on defense (Blue Team). In pen testing, Red Team refers to testing in which there are no restrictions related to systems in scope or time windows. Hence, Red Team approaches provide the most accurate simulation of a real-world adversary. 

Seeking Clarity?

View the Cybersecurity Dictionary for top terms searched by your peers.

Explore the Dictionary

Related Assets

June 08, 2018

Pen Testing and Advanced Assessments

Our advanced services go beyond traditional penetration testing methodologies to deliver true adversary emulation and provide actionable steps for sec...

See Details

May 30, 2018

Always On Penetration Testing

Optiv’s Always-On Penetration Testing provides clients with an imminent and guaranteed attack to keep network defenders ready to act and focused.

See Details

December 14, 2017

What a Hacker Sees: Top 20 CIS Critical Security Controls

Learn about the top 20 CIS Critical Security Controls (CSC) through the eyes of a hacker.

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.


Privacy Policy

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.

Subscribe

Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cybersecurity Events in your area.