Penetration testing (pen-testing or pentesting) is a method of testing, measuring and enhancing established security measures on information systems and support areas.
It is implemented by simulating malicious attacks from an organization’s internal and external users. Then the entire system is then analyzed for potential vulnerabilities. A plan that communicates test objectives, timetables and resources is developed prior to actual pen-testing.
It is an invaluable process for a number of reasons:
- Minimal security breach potential ensures system reliability.
- Complies with regulatory or other agencies.
- Demonstrates a good-faith effort to protect customer information.