What is a pen test?

pen test

What is a pen test?

July 16, 2020

What is a pen-test: A pen test – short for penetration test – is a simulated attack on a network to test the strength of its security. Usually, the pen-tester will have a specific objective (e.g., “compromise this piece of data…). A vulnerability scan tells you “what are my weaknesses?”, and the test tells you “how bad a specific weakness is.”

Different industries will have different government-mandated requirements that dictate the frequency of penetration testing. One of the more broad-reaching regulations, the PCI DSS, for example, requires testing on an annual basis. However, it is prudent to go beyond the legal minimum. You should also conduct a pen-test every time you have:

  • added new network infrastructure or applications
  • made significant upgrades
  • made modifications to infrastructure or applications
  • established new office locations
  • applied a security patch (or patches)
  • modified end-user policies

In other words, any time you have made a significant update to your software or hardware, it should be considered essential to conduct a pen test (and update IT documentation).

Learn more about how our company can help your #lehighvalley #business. Contact us at 610-866-2828 or via our contact form.