Pentest:
Penetration testing is an offensive security exercise conducted by an organization with the intent to uncover security weaknesses and ultimately help strengthen their defense mechanisms, threat detection capabilities and response times. Traditionally, penetration testing is performed by an independent third-party with little to no upfront knowledge of their target organization. This is done to imitate an adversary who is targeting the organization with nefarious intent.
Penetration testing can be performed against something as small as a single tenant application and as large as a global enterprise network. Several methodologies frameworks standards and tools exist which are often motivated by or designed to satisfy a particular compliance or regulatory committee such as PCI and HIPAA. [Pentest Geek]
Noted in “Pen Test Partners: Boeing 747s receive critical software updates over 3.5″ floppy disks,” Gareth Corfield, The Register:
“Aircraft themselves are really expensive beasts, you know,” said [Alex] Lomas as he filmed inside the big Boeing. “Even if you had all the will in the world, airlines and manufacturers won’t just let you pentest an aircraft because [they] don’t know what state you’re going to leave it in.”
