Penetration test (Definition)

A penetration test is an attempt using manual and automated methods and tools to bypass the security of a system in a manner much more invasive than a basic vulnerability scan. Penetration testing scope can vary from including social engineering, data mining and attacks via other systems, to more benign narrow assessments of a single ICT asset or service. The scope and rules for the test, such as extent of vulnerability exploration, is generally agreed with the business owner of the system. The goal is to identify weaknesses before any hostile attacker can take advantage of them.

Last Reviewed: 09 January 2018