Q: What is Penetration Testing (pentesting)?

A: Penetration Testing, Vulnerability Assessments and Security Audits are often incorrectly used interchangebly.

Penetration Testing (pentesting)
Penetration Testing also known as Ethical Hacking describes using hacking tools and methodology to assess the strength of in place security controls.

Vulnerability Assessments (t&v)
A security assessment which reviews security controls in the IT environment, potentially down to host/device/application build and configuration review.

Security Audits
Is a security review of IT infrastructure and policies against a standard such as ISO17799 or industry best practice.