Automated scanning to identify known vulnerabilities and misconfigurations across systems and applications.
Note: While NOT a pentest, vulnerability assessments can assist in large pentest engagements to speed up discovery and save time (and money) by identifying low-hanging fruit before manual testing begins.
Manual testing of web applications to gain assurance by attempting to breach security using adversary techniques.
Note: This is a core type of penetration testing. Often includes both automated scanning and manual testing to provide comprehensive security assurance for web applications.
Long-term adversarial simulation to test detection and response capabilities against advanced persistent threats.
Note: NOT a pentest - this is offensive security focused on testing your security team's detection and response capabilities rather than gaining system security assurance.
Manual analysis of source code to gain assurance that applications follow secure development practices.
Note: Can be part of a comprehensive penetration test engagement, particularly for custom applications where source code access is available. Provides security assurance at the code level.
Validation of adherence to regulatory frameworks through documentation and controls review.
Note: NOT a pentest - this is checkbox compliance work. However, compliance assessments can often be parental to penetration testing, as many regulations (like PCI DSS) actually require penetration testing as part of compliance requirements.
Testing of network infrastructure and systems to gain assurance by attempting to breach security defenses.
Note: This is a core type of penetration testing. Often combined with vulnerability assessments for comprehensive coverage and may include wireless, internal network, and external perimeter testing.
Analysis of system configurations to gain assurance that security settings follow best practices.
Note: Often included as part of comprehensive penetration testing engagements. Can be standalone work but frequently combined with infrastructure or application testing for complete security assurance.
Investigation and analysis of digital evidence to understand what happened during a security incident.
Note: NOT a pentest - this is reactive incident investigation work. Focuses on understanding what happened after a breach rather than proactively testing security before one occurs.
Testing of API endpoints and logic to gain assurance by attempting to breach API security controls.
Note: This is a specialized type of penetration testing focused on API security. Critical for modern applications that rely heavily on API integrations and microservices architectures.
Testing of mobile applications to gain assurance by attempting to breach app security on iOS and Android.
Note: This is a specialized type of penetration testing for mobile platforms. Includes testing of both the mobile app itself and any backend APIs or services it connects to.