Core
 » Home  |  » Contact Us  |  » Customer Services
 

What is Penetration Testing?

A penetration test is a proactive and authorized attempt to evaluate the security of an IT infrastructure by safely attempting to exploit system vulnerabilities, including OS, service and application flaws, improper configurations, and even risky end-user behavior. Such assessments are also useful in validating the efficacy of defensive mechanisms, as well as end-users’ adherence to security policies.

Tests are typically performed using manual or automated technologies to systematically compromise servers, endpoints, web applications and other potential points of exposure. Once vulnerabilities have been successfully exploited on a particular system, testers may attempt to use the compromised system to launch subsequent exploits at other internal resources, specifically by trying to incrementally achieve higher levels of security clearance and deeper access to electronic assets and information via privilege escalation.

Information about any security vulnerabilities successfully exploited through penetration testing is typically aggregated and presented to IT and network systems managers to help those professionals make strategic conclusions and prioritize related remediation efforts. The fundamental purpose of penetration testing is to measure the feasibility of systems or end-user compromise and evaluate any related consequences such incidents may have on the involved resources or operations.

Related Content

Learn more about our CORE IMPACT security testing software solutions

On-Demand Webcast

InfoWorld Webcast: Penetration Testing – The Next Security Testing Standard
Join InfoWorld's Bob Garza to learn why penetration testing is considered a best practice for any organization seeking to protect critical data and infrastructure.

Analyst White Papers

Gartner White Paper: Penetration-Testing Tool Use
See how a transportation company uses penetration testing to reduce risk and gain business benefits.

IDC White Paper: Automated Pen Testing - Can IT Afford Not To?
Learn about the benefits realized by IT executives who leverage penetration testing.

Core Security White Papers

The Rise of Security Testing
Why comprehensive security testing is critical to proactive IT risk management

Moving Beyond Security Point Solutions
Learn why real-world security testing is the best way to assess overall readiness against complex IT threats.

ROI white paper
Automated Penetration Testing - Justification and ROI

Solutions | Products and Services | CoreLabs | News and Events | Partners | Company
Core Security Technologies © 2008 All rights reserved       Disclaimer     Privacy Statement