A penetration test, also known as a pen test or ethical hacking, is an authorized simulated cyberattack on a computer system, network, or web application, performed to evaluate the security of the system. Penetration testers use the same tools, techniques, and processes as attackers to find and demonstrate the business impacts of weaknesses in a system. Penetration tests usually simulate a variety of attacks that could threaten a business, and they can examine whether a system is robust enough to withstand attacks from authenticated and unauthenticated positions, as well as a range of system roles. There are different types of penetration testing, depending upon the goal of the organization, which include network (external and internal), wireless, web application, social engineering, and remediation verification. Penetration testing is a component of a full security audit and can support risk assessments. Penetration testing can determine how a system reacts to an attack, whether or not a systems defenses can be breached, and what information can be acquired from the system. Penetration testing is more comprehensive than vulnerability assessments alone, and it can help organizations identify weaknesses in their security posture. Penetration testing supports regulatory compliance and can help companies prove compliance with data security regulations.