A penetration test is an intrusive test where a third party has been authorized to carry out an attack on a company's network. Rules have been agreed on, so they just need to identify the weaknesses, should it be exploited as far as it can go.
Penetration testing is commonly known as a pen test. The pen testers are given different amounts of information:
- Black box: Black box pen testers are given no information on the company
- Gray box: A gray box pen tester is given some information
- White box: A white box pen tester knows everything about the system
For example, a pen tester is about to carry out a pen test but has not been given any information on the system. As he arrives at the company, the IT manager offers him a ...