Penetration testing, also referred to as pen testing, is a simulated real world attack on a network or application that identifies vulnerabilities and weaknesses. Penetration tests (pen tests) are part of an industry recognised approach to identifying and quantifying risk. They actively attempt to ‘exploit’ vulnerabilities and exposures in a company’s infrastructure, applications, people and processes. Through exploitation, Cysec101 is able to provide context around the vulnerability, impact, threat and the likelihood of a breach in an information asset.