Quality is delighting customers
Testing method which evaluates the security of a computer system or network by simulating an attack from a malicious source. Usually they are conductedby specialized penetration testing companies.
Hope it helps.
Regards, Ronak Shah (http://www.techgig.com/QAExpert), Practice Head - Software Testing (QA), CIGNEX Datamatics
---- Email: current organization: email@example.com
---- Email: Personal: firstname.lastname@example.org
Here is an answer to your query. Please check this link - http://vera.cd/1N8fq0L
A penetration test(Pen Test) helps to determine that whether a system under test is vulnerable to attack. Outcome of test will let the team know if the defenses were enough, and which area (if any) the test defeated. Penetration testing includes network penetration testing and application security testing from inter and outside network.
Penetration testing for an application cover following: -
- Cross-site Scripting
- SQL Injection
- Cross-site Request Forgery
- HTTP Response Splitting
If you don't have expertise on Penetration testing then you can consult any software testing company for the same.
For more details please visit following link to get more details:
Penetration testing is a sort of security testing used to test the shaky territories of the system or application. The objective of this testing is to discover all security vulnerabilities that are available in the system being tested. Vulnerability is the danger that an attacker can upset or increase approved access to the system or any information contained inside it.
An effective penetration test will usually involve a skilled hacker, or team of hackers. You purposefully ensure that the hacker(s) don't have access to any source code, and ask them to try to gain access to your systems. Penetration tests can be carried out on IP address ranges, individual applications, or even as little information as a company name. The level of access you give an attacker depends on what you are trying to test.
The type of penetration test selected usually depends on the scope and whether the organization wants to simulate an attack by an employee, Network Admin (Internal Sources) or by External Sources. There are three types of Penetration testing and they are
Penetration testing is a type of Security Testing used to test the insecure areas of the system or application. The goal of this testing is to find all security vulnerabilities that are present in the system being tested. Vulnerability is the risk that an attacker can disrupt or gain authorized access to the system or any data contained within it. It is also called pen testing or pen test.
Vulnerabilities are usually introduced by accident during software development and implementation phase. Common vulnerabilities include design errors, configuration errors, software bugs etc.
A penetration test is a method of evaluating the security of a computer system or network by simulating an attack from a malicious source.
Penetration testing is the way of improving & determining the security of an enclave. The enclave can be physical (e.g. a data center), logical (e.g. a n/w), or a combination. What the penetration test includes depends greatly on the purpose and scope of the test, as agreed upon by the customer and the testing team.
Some of the activities that can be part of a penetration test include:
Intelligence gathering (Google, Facebook, LinkedIn, etc)
Network penetration, a.k.a. "hacking"
Penetration testing is a hot buzzword at the moment, and there is currently far more demand for penetration testing than there are qualified and responsible teams. It is important for a customer to have a firm grasp of what the intended purpose of the test is, and to have a comprehensive set of ground rules signed by all concerned parties: data owners, testers, and administrators/responders. The ground rules should include off-limits addresses and methods, ways of deconflicting real-world events from the tester's actions, non-disclosure agreements on both sides, and a clearly-defined time limit on the test.