What is penetration testing?

As organizations grow so does their computer infrastructure. With growth comes complexity and in most cases the visibility of management and sysadmins decreases with increasing complexity. Assumptions about the state of the infrastructure drift away from the actual state and with that comes increased risk.

How does it work?

Penetration testing involves challenging the assumptions organizations have about their infrastructure. This is done by setting up a testing scenario where a specific cyber threat is being simulated. Testers put themselves in the shoes of an attacker and evaluate a companies’ infrastructure by simulating attacks with the goal of evaluating the infrastructures resilience to attack.

Why is it relevant?

This type of testing gives an in-depth outsiders perspective on the real state of security where the actual infrastructure is being tested without any prior assumption.