The FREE Cybersecurity Glossary by Thor Pedersen!

Payroll system: An application or system used to manage employee compensation, including salary calculation, tax withholding, benefit deductions, and paycheck distribution. A reliable and accurate payroll system is essential for financial management and regulatory compliance.

Peer-to-peer (P2P): A type of network structure where each computer has the same capabilities and functions, allowing it to act as both a client and a server. It is used in networking to allow for decentralized communication and data sharing. Examples include BitTorrent and Skype.

Penetration Test: A simulated real-world attack on a computer or network system to evaluate its vulnerabilities and defenses. It is used in cybersecurity to identify weaknesses and enhance security measures through various methods, including vulnerability assessments and red team exercises.

Penetration Testing - Chartering: Chartering in penetration testing involves setting clear guidelines and agreements between the tester and client about the scope, objectives, methods, legal considerations, and expected outcomes. It ensures ethical boundaries are observed, aligns testing with client needs, and carefully handles sensitive systems.

Penetration testing - Discovery: The process of gathering as much information as possible about the target system, network, or application. This could include data about IP addresses, domain details, user inputs, network mapping, and more. The intention here is to identify potential vulnerabilities or weak spots that can be targeted during the test, often utilizing techniques like port scanning, vulnerability scanning, and network sniffing.

Penetration testing - Exploitation: A phase of a penetration test where identified vulnerabilities are actually attacked. The tester attempts to exploit these vulnerabilities in a controlled manner to emulate potential attacks an actual hacker could perform. The goal of this phase is not to cause damage but rather to understand the depth of access an attacker could potentially achieve and what kind of data or control they might be able to obtain.