Pentesting Overview
- Date: 2026-05-17
A pentest aims to uncover and identify ALL vulnerabilities in the systems under investigation and to improve the security of the tested systems.
Other assessments, such as a red team assessment, may be scenario-based and focus on only the vulnerabilities leveraged to reach a specific end goal (e.g., accessing the CEO's email inbox or obtaining a flag planted on a critical server).
Pentesting is also part of Risk Management for an IT company.
“During a pentest, we prepare detailed documentation on the steps taken and the results achieved. However, it is the client's responsibility or the operator of their systems under investigation to rectify the vulnerabilities found. Our role is as trusted advisors to report vulnerabilities, detailed reproduction steps, and provide appropriate remediation recommendations, but we do not go in and apply patches or make code changes, etc. It is important to note that a pentest is not monitoring the IT infrastructure or systems but a momentary snapshot of the security status. A statement to this regard should be reflected in our penetration test report deliverable.”
Vulnerability analysis, in contrast to a penetration test, is performed using automated tools like Tenable Nessus, Qualys and OpenVAS. “In most cases, these automated checks cannot adapt the attacks to the configurations of the target system. This is why manual testing conducted by an experienced human tester is essential.”
Pentesting is a mix of manual and automated testing/validation that, in most cases, is performed after manual information gathering. It is tailored to each system and requires a mutual written agreement before the assessment begins. Third-party vendors cannot be tested unless their permission has been received or they do not require prior authorisation; this can be confirmed during the scoping phase.
Penetration tests can start externally or internally. An external test is performed from the perspective of an anonymous attacker/user on the internet. An internal test is performed from the perspective of an employee within the network, or of a system that does not have internet access.
Types of Pentests:
| Type | Information Provided |
|---|---|
| Blackbox | Minimal |
| Greybox | Extended |
| Whitebox | Maximum |
| Red-Teaming | May include physical testing and social engineering, usually as part of a team in an offensive scenario. |
| Purple-Teaming | Focused on working closely with defenders (how does this differ from blue teaming then?) |