At present, cybercrime attacks are not only targeted and persistent, but also use extremely advanced malware to disguise themselves as legitimate users on the Internet, making them difficult to be detected.  
These attacks can easily avoid preventive security technologies such as firewalls, intrusion detection systems, and anti-virus software. Malicious software hidden in the internal network ,which allows hackers to capture valuable intellectual property, trade secrets, or customer data and increases corporate risk.Penetration
testing is a simulated hacker  attack that simulates a network system or host to exploit potential system vulnerabilities. Penetration testing can identify vulnerabilities that exist or have ont been updated in the system to determine the impact and risk of hacking attacks .It can fix vulnerabilities before hackers attack and inspect the protection effectiveness 
of existing security systems and then reinforce the vulnerability. At the same time, the penetration test can indicate which infected devices are exposed to the highest risk of data theft according to the threat activity in the system to provide clearer information and priority processing to the event response team.