What is Penetration Test? — UK Software Development Guide
Direct Answer
A penetration test (pen test) is a simulated cyber attack against a software system, network, or application — conducted by security professionals with permission from the system owner — to identify exploitable vulnerabilities before malicious attackers do.
Penetration-test in the UK
UK-specific pen test requirements: Cyber Essentials Plus requires an annual CREST-certified penetration test. DTAC Domain 3 for NHS-connected apps requires CREST-certified pen testing. FCA-regulated firms should conduct annual pen tests as part of operational resilience. CREST (Council of Registered Ethical Security Testers) is the UK certification body — CREST certification is the recognised standard for UK regulatory compliance. Budget: £4,000–£15,000 for a web application pen test from a CREST-certified provider.
Related Glossary Terms
UK GDPR
UK GDPR explained for UK software developers and business owners. UK GDPR (UK General Data Protection Regulation) is the post-Brexit version of EU GDPR, retained into UK law via the Euro... UK context, examples, and related services.
Cyber Essentials
Cyber Essentials explained for UK software developers and business owners. Cyber Essentials is a UK government-backed cybersecurity certification scheme developed by NCSC (National Cyber Security... UK context, examples, and related services.
DEVOPS
DevOps explained for UK software developers and business owners. DevOps is a set of practices, principles, and culture that combines software development (Dev) and IT operations (Ops) t... UK context, examples, and related services.
Postgresql
PostgreSQL explained for UK software developers. PostgreSQL (commonly called Postgres) is a powerful, open-source relational database management system. It supports adva... UK context and related services.
Penetration-testing
Penetration Testing explained for UK software developers. Penetration testing (pen testing) is a simulated cyber attack against a software system, network, or application to disc... UK context and related services.
Terraform
Terraform explained for UK software developers. Terraform is an open-source Infrastructure as Code (IaC) tool by HashiCorp that allows you to define, provision, and man...
Get Expert Advice on Penetration-test
Speak with our UK software development experts about Penetration-test. Free consultation, transparent pricing, no obligation.