
What is a pen test?

Writer: Scott Gingold

A pen test (short for penetration test) is a simulated attack on a network to test the strength of its security. Usually, the pen tester will have a specific objective (e.g., “compromise this piece of data…”). A vulnerability scan tells you “what are my weaknesses?”, while a pen test tells you “how bad a specific weakness is.”


Different industries have different government-mandated requirements that dictate the frequency of penetration testing. For example, the PCI DSS, one of the more broad-reaching regulations, requires testing on an annual basis. However, it is prudent to go beyond the legal minimum. You should also conduct a pen test every time you have:

  • added new network infrastructure or applications

  • made significant upgrades

  • made modifications to infrastructure or applications

  • established new office locations

  • applied a security patch (or patches)

  • modified end-user policies

In other words, any time you have made a significant update to your software or hardware, it should be considered essential to conduct pen-testing (and update IT documentation).


Learn more about how our company can help your #lehighvalley #business. Contact us at 610-866-2828 or via our contact form.
