<aside> <img src="/icons/badge_gray.svg" alt="/icons/badge_gray.svg" width="40px" /> Penetration Testing (Pentesting) is a simulated cyber attack to identify exploitable vulnerabilities in a computer system. Penetration Testing assesses systems for potential weaknesses that attackers could exploit

</aside>

Various types include

• Physical
• Offensive
• Defensive
• Integrated

Physical Penetration Testing

• Evaluates an organization’s physical security measures
• Examples:
  • Testing locks
  • Access card
  • Security cameras
• Identifies vulnerabilities and recommends improvements for enhanced physical security
• Benefits:
  • Improved security awareness
  • Preventing unauthorized access

Offensive Penetration Testing

• Known as “Red Teaming”
• Actively seeks vulnerabilities and attempts to exploit them, like a real cyber attack
• Helps uncover and report vulnerabilities to improve security
• Can simulate real-world attacks and gain support for cybersecurity investments

Defensive Penetration Testing

• Known as “Blue-Teaming”
• A reactive approach focused on strengthening systems, detecting and responding to attacks
• Monitors for unusual activity and improves incident response times