One of the goals of the 2016 NIS Directive was to harmonize Member States’ cybersecurity protection initiatives and to boost the EU’s overall level of cybersecurity. Despite all the attempts to achieve this goal, there remains fragmentation standing in the way of a single European approach. This is undermined by [...]
Penetration testing, also called pen testing or ethical hacking, is the practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit. Penetration testing can be automated with software applications or performed manually. Either way, the process involves gathering information about the target before the test, identifying possible entry points, attempting to break in — either virtually or for real — and reporting back the findings.
The main objective of penetration testing is to identify security weaknesses. Penetration testing can also be used to test an organization’s security policy, its adherence to compliance requirements, its employees’ security awareness and the organization’s ability to identify and respond to security incidents.