glossary

What is penetration testing?

Source-cited RoleMath page about What is penetration testing?.

Build my personalized career plan

Researched by RoleMath Research. Every figure on this page traces to the official source shown next to it.

What is penetration testing?

Penetration testing is a security-assessment method in which authorized testers attempt to circumvent or defeat a system's security controls — under agreed constraints — to find exploitable weaknesses before real attackers do.

What it means

NIST describes penetration testing as a methodology where assessors, working under specific rules, try to bypass a system's defenses. It is authorized, scoped attack simulation used to surface and document real vulnerabilities. It is the core activity behind offensive-security roles and credentials such as penetration tester and ethical hacker.

Sources

  • National Institute of Standards and Technology — NIST CSRC Glossary: https://csrc.nist.gov/glossary

Citation Ledger

IDSupportsEvidenceSource
CIT-01Definition source for What is penetration testing?Official source pageNational Institute of Standards and Technology — NIST CSRC Glossary

Ready to see how this fits your background?

RoleMath planner