Intrusion Test

Intrusion Test

Intrusion tests (abbreviated as pen tests) consist in testing an information system's protection methods by subjecting the system to a real situation.

Two methods are generally used:

  • The black box method that consists of trying to infiltrate the network without any knowledge of the system in order to perform a realiztic situation
  • The white box method that consists of trying to infiltrate the system equipped with knowledge of the entire system in order to test the limits of the network's security

The consent (preferably written) of the highest level of the hierarchy must be received before these tests are performed, the reason being that they could cause possible damage and because the methods used are considered illegal without the express authorization of the system owner.

An intrusion test is a good way to increase the awareness of those involved in the project when it reveals a flaw. On the other hand, it does not guarantee system security because the testers may miss detecting vulnerabilities. Security audits are a better method for ensuring a higher level of system security because they take organizational and human elements into account and the security is anaylsed internally.

Ask a question
CCM is a leading international tech website. Our content is written in collaboration with IT experts, under the direction of Jean-François Pillou, founder of CCM reaches more than 50 million unique visitors per month and is available in 11 languages.


This document, titled « Intrusion Test », is available under the Creative Commons license. Any copy, reuse, or modification of the content should be sufficiently credited to CCM (