Penetration Testing
What is penetration testing?
- Penetration testing is the process of attempting to gain access to resources without knowledge of usernames, passwords and other normal means of access
- A company will employ penetration testers to test a networks security and use any information gained to to fix any issues that are found
- There are two main types of penetration testing:
- Malicious insider
- External attack
Malicious insider (white-box)
- When the person or team testing the system has knowledge of and possibly basic credentials for the target system, simulating an attack from inside the system
External attack
- When the person or team testing the system has no knowledge of any credentials for the target system, simulating an attack from outside the system