There 5 types of pen tests: Web application pen test, black box external pen test, mobile app (iOS/Android) pen test, wireless WIFI pen test & post breach internal pen test.
Web Application Penetration Test
If you are performing a web application penetration test, the ultimate objective will be to harden the infrastructure and application against cyber attacks. Additionally, you may have a secondary objective to provide evidence to a client or a partner that you have performed an appropriate level of cyber security due diligence by having a penetration test performed against the application.
What is an External Black-Box Pen Test?
An External Black-Box Penetration Testing mimics the actions of an actual adversary by attempting to exploit weaknesses in network security without the dangers of a real threat. This test examines external IT systems for any weakness that could be used by an external attacker to disrupt the confidentiality, availability or integrity of the network, thereby allowing the organization to address each weakness.
What is a Post-Breach Internal Penetration Test
A post-breach penetration test (or internal pen test, or Red Team test) starts with the premise that someone in your organization has:
- Opened up a malicious email attachment
- Browsed to the wrong website and / or clicked the wrong link
- Plugged in a weaponized USB or removable media device
Review the full scope on information on the types of penetration testing we offer on our pen test page