Different offensive testing techniques can be used depending on your organization’s security objectives. These techniques range in scope and coverage from initial vulnerability assessments, which have a bigger focus on breadth of coverage, to penetration testing which are a more in-depth examination of specific assets (such as web applications, networks or mobile applications).
Penetration testing then leads onto and forms part of larger, more complex and in-depth attack simulations which span multiple domains of information security (people, process and technology) to identify vulnerabilities across the organization.