Penetration testing (otherwise known as pentesting) is the process of testing your applications for vulnerabilities, and answering a simple question."What could a hacker do to harm my application, or organisation, out in the real world?"
Why is testing for application security important? Can't an organisation just respond to an incident if, or when it occurs? Whilst that viewpoint may sound mad to someone security conscious, it is unfortunately the approach that many organisations worldwide still take today.