
Pentest

Definition

A pentest (penetration test) is an authorised, simulated cyberattack on a system, network or application to discover vulnerabilities before malicious actors do.

In a pentest, an ethical hacker, also called a penetration tester, simulates a real attack on an organisation's digital environment. This can encompass external systems, internal networks, web applications, mobile apps or cloud infrastructure. A pentest differs from a red team exercise: a pentest aims to find and demonstrate as many vulnerabilities as possible within an agreed scope and time frame, whereas a red team emulates a specific adversary, usually covertly, to test whether the organisation detects and responds to the intrusion.

A pentest typically goes through the phases of scoping and authorisation (which systems may be tested, when, and with which techniques), reconnaissance, scanning, exploitation and reporting. The result is a detailed report with the vulnerabilities found, evidence that they could actually be exploited, an assessment of their severity and concrete recommendations for fixing them.
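The scanning and evidence-gathering phases described above, reduced to a minimal working example. This is added illustration code, not part of the original glossary entry or any DEFION tooling. It enforces the authorised scope before touching a host, performs a TCP connect scan with banner capture, and turns the results into report lines with the evidence attached. The scope list, the fake local service and the banner are constructed for the demo; in a real engagement the scope comes from the signed rules of engagement.

```python
import ipaddress
import socket
import threading
from dataclasses import dataclass

# Assumed scope for the demo: only loopback addresses are authorised.
IN_SCOPE = [ipaddress.ip_network("127.0.0.0/8")]


def in_scope(host: str) -> bool:
    """Return True only if host lies inside an authorised network."""
    addr = ipaddress.ip_address(host)
    return any(addr in net for net in IN_SCOPE)


@dataclass
class Finding:
    host: str
    port: int
    evidence: str  # the captured banner, kept as proof for the report


def scan_host(host: str, ports, timeout: float = 1.0) -> list:
    """TCP connect scan of the given ports; refuses hosts outside scope."""
    if not in_scope(host):
        raise PermissionError(f"{host} is outside the authorised scope")
    findings = []
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            if s.connect_ex((host, port)) != 0:
                continue  # closed or filtered, nothing to report
            try:
                banner = s.recv(64)
            except (socket.timeout, OSError):
                banner = b""
            findings.append(Finding(host, port, banner.decode(errors="replace").strip()))
    return findings


def report(findings) -> str:
    """Render findings as plain-text report lines with their evidence."""
    lines = ["Findings:"]
    for f in findings:
        lines.append(f"- {f.host}:{f.port} open, banner {f.evidence!r}")
    return "\n".join(lines)


def _start_fake_service(banner: bytes) -> int:
    """Constructed target: a local listener that greets each client with a banner."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve():
        srv.settimeout(5)
        try:
            while True:
                conn, _ = srv.accept()
                with conn:
                    conn.sendall(banner)
        except (socket.timeout, OSError):
            pass
        finally:
            srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port


def _closed_port() -> int:
    """Pick a port that is almost certainly closed: bind, read, release."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


def run_demo():
    """Scan one open and one closed loopback port; return (open_port, findings, report)."""
    open_port = _start_fake_service(b"SSH-2.0-ExampleServer\r\n")  # constructed banner
    closed = _closed_port()
    findings = scan_host("127.0.0.1", [open_port, closed])
    return open_port, findings, report(findings)


if __name__ == "__main__":
    _, _, text = run_demo()
    print(text)
```

The scope check is the part that matters for the "authorised" half of the definition: a scanner that happily accepts any target is how testers end up probing a customer's neighbour. A real engagement would also log every request with timestamps, since that log is what distinguishes the tester's traffic from a genuine intrusion when the SOC asks.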

Regulations such as DORA (the EU Digital Operational Resilience Act for the financial sector) require regular security testing, including threat-led penetration tests for the financial entities designated by their supervisors, and pentests are increasingly required by clients, insurers and certification bodies. DEFION carries out pentests for all types of environments.

Related terms

Red Team
Vulnerability Scan
CVE