An external penetration test is a simulated attack by security experts on an organization's internet-facing systems, like websites and email servers, to identify exploitable vulnerabilities.

An internal network penetration test, or assumed breach, simulates cyberattacks within an organization's internal network to identify vulnerabilities in systems, devices, and configurations, enhancing internal security and resilience.

A cloud security penetration test evaluates the security of cloud environments, identifying vulnerabilities in cloud services, configurations, and deployments to ensure robust protection against breaches.

A web or mobile application penetration test assesses the security of web and mobile applications, identifying and mitigating vulnerabilities to protect against data breaches and unauthorized access.

An API penetration test assesses the security of application programming interfaces, identifying vulnerabilities in authentication, data handling, and access controls to ensure secure communication between systems and protection against unauthorized access or data breaches.

A physical penetration test simulates unauthorized physical access attempts to test and improve the effectiveness of an organization's physical security measures and controls.