Also called pen testing, is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit.