Penetration testing is a process in which a security professional simulates an attack on a network or computer system to evaluate its security—with the permission of that system’s owners.
Don’t let the word “simulates” fool you: A penetration tester (or pen tester, for short) will bring all the tools and techniques of real-world attackers to bear on the target system. But instead of using the information they uncover or the control they gain for their own personal enrichment, they report their findings to the target systems’ owners so that their security can be improved.
