Learn the basics of Ethical Hacking and Penetration Testing course to make you a better ethical hacker and penetration tester.
WHAT IS PENETRATION TESTING?
Penetration testing (also called pen testing) is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit.
PENETRATION TESTING GOALS AND OBJECTIVES :
As is apparent, there are many reasons penetration testing is conducted. Defining the scope and nature of a penetration test is largely dependent on what the drivers are for an organization, which will determine the stated goals going into an engagement. Those drivers may also influence other aspects of the engagement such as target selection scope, assumptions, and even funding ceilings that limit the amount of time a test team has to explore and compromise the organization’s assets. For example, if the goal is merely to ‘check off the box’ that says an organization has conducted penetration testing in order to meet compliance, then the scope and allocated funding may be much more constrained. Contrast that with an organization that is genuinely worried about its intellectual property and cares about the real-world risk to that IP from a motivated, skilled attacker’s perspective, and you might want to allocate a budget amount that will allow for a more thorough test.