What type of testing detects vulnerabilities that could be exploited by external attackers?

Covert security testing is specifically designed to detect vulnerabilities that could be exploited by external attackers. This type of testing simulates an attacker's perspective, allowing security professionals to identify weak points in the system without alerting the personnel involved in the system's operation. The goal is to uncover security flaws that could be exploited in a real-world attack, thereby providing insights into how well the organization's defenses hold up against potential external threats.

In contrast, static testing focuses on the analysis of source code or software binaries without executing the program, which may not reveal all vulnerabilities, particularly those that might be exploited from outside the system. Unit testing generally assesses individual components of a program for correctness and often does not address security concerns related to external threats. Integration testing combines different units and tests them as a group but mainly ensures that components work together rather than focusing on security exploits from external parties.