Advanced Level – Cross-Cutting
Penetration Testing – ISTQB Definition
Last Updated: July 12, 2026 · SoftwareTestPilot QA Team
Official ISTQB Definition
An attempt to exploit vulnerabilities of a component or system to determine whether they can be used to violate security.
In simple words
Simulate a real attack on the system to find exploitable holes.
Exam tip
Pen testing is manual + tools-driven; scanners find surface vulns, pen testers chain them into exploits.
Related terms
- Security TestingTrying to break in, leak data, or escalate privileges — before an attacker does.
- Attack TestingDeliberately attack the system the way a real attacker would — SQL injection, XSS, buffer overflows.
- Security Testing ToolBurp Suite, OWASP ZAP, Nessus — scan for vulnerabilities and simulate attacks.
Practice this term in the ISTQB Mock Test
40 CTFL v4.0 questions, 60-minute timer, instant scoring and chapter-wise breakdown.
Practice in Mock Test