Definition from Wikipedia:

Penetration test or Pentest is the technical term for a comprehensive security test of individual computers or networks of any size. To a security expert, a penetration test means, in

Information Technology
, testing the

security
 of as many system components and applications of a network or software system as possible by means of tools and methods that an attacker (colloquially called ”

Hacker
“) would use to gain unauthorized access to a system (penetration). A penetration test thus determines the sensitivity of the system under test against such attacks. An important part of a penetration test is the tools that help simulate as many attack patterns as possible, reconstructing them from the numerous known attack methods.

The kind of security tests depends on the risk potential of an endangered system, network or an application, for example a web server, which has a higher risk potential than simple text processing. Similarly, there are many ancillary tools for penetration tests and correspondingly comprehensive are the security tests that only experienced security researchers or system administrators should perform, who know what to do, what results they produce and what results they want to achieve.

Also, the term penetration test is occasionally and incorrectly used for an automatic

vulnerability scan
. While a vulnerability scan runs mostly automatically, manual processing is required in a real penetration test, in the form of sifting through the test specimens, planning the test methods and objectives, selecting necessary tools and, finally, executing it. A

security scan
, in turn, differs from a vulnerability scan in terms of manual verification of test results. These terms are, however, often used in the

semi-professional
 field rather inconsistently, while there are standards for performing penetration tests that are accepted in the professional world of security researchers and experts and are recognized all over the world.

A penetration test is often performed as an

empirical
part of a general

safety analysis
.

 


Zerberos is a security company with its registered office in Zürich (Switzerland) that performs Pentests or penetration tests for customers in Switzerland, Germany, Austria and other countries all over the world.

 

Dieser Text ist auch verfügbar auf: DE