What is penetration testing

P A penetration test, also known as a pen test, is a simulated cyber attack against your computer system to check for exploitable vulnerabilities. In the context of web application security, penetration testing is commonly used to augment a web application firewall (WAF). Read more in Impreva.

Pen testing can involve the attempted breaching of any number of application systems, (e.g., application protocol interfaces (APIs), frontend/backend servers) to uncover vulnerabilities, such as unsanitized inputs that are susceptible to code injection attacks. Pentest Insights provided by the penetration test can be used to fine-tune your WAF security policies and patch detected vulnerabilities.

Internal testing

External testing

Targeted testing

Penetration testing stages
The pen testing process can be broken down into five stages.
Insights
Insights provided by the penetration test can be used to fine-tune your WAF security policies and patch detected vulnerabilities.