Penetration testing is a security exercise where a cyber-security expert attempts to find and exploit vulnerabilities in a computer system. The purpose of this simulated attack is to identify any weak spots in a system’s defenses which attackers could take advantage of. Pen testing is part of a holistic security strategy and helps organizations discover vulnerabilities and flaws in their systems that they might not have otherwise been able to find. It can also help organizations comply with data security and privacy regulations by finding ways that sensitive data could be exposed.