PCIDSS.COM - PCI DSS Security Solutions Directory

Category: Penetration testing

A Penetration Test or Ethical Hacking assesses an IT system for vulnerabilities and exploiting them where possible to elevate privilege and compromise sensitive data or environments. Generally, these tests should not affect availability but due to the inherent low-level nature of many of the exploits, system availability may be affected. Penetration testing provides the most real-world test of a system’s effective resistance to being exposed to untrusted networks, such as the Internet, but on the engaging organization’s terms and with ethical hackers, providing actionable findings to remediate issues identified.