What is Penetration Testing (Pentesting)?
A penetration test (pentest or pentesting), is a deliberate and scheduled attempt by an organization to evaluate the security of its IT infrastructure by safely trying to exploit vulnerabilities. Companies either have internal pentesting teams or hire a security service provider to evaluate what vulnerabilities might exist in operating systems, services and application flaws, improper configurations or risky end-user behavior. Once vulnerabilities have been identified, pentesters try to mimic threat actor TTPs to penetrate the network. The final output is a report that outlines what security gaps exist and need to be addressed to secure the business from cyberthreats.