A penetration test is often referred to broadly as an evaluation of an organization’s cybersecurity through the uncovering and exploitation of security weaknesses. However, this doesn’t mean there is only one way to pen test. Since vulnerabilities can exist anywhere—operating systems, services and application flaws, improper configurations, or even risky end-user behavior—multiple types of pen tests have been developed to ensure every aspect of the IT infrastructure is secure.
- Vulnerability scan validations
- Web application tests using SQL injection and cross site scripting
- Phishing campaign simulations