Target application

A target application is the specific software program, system, or component designated as the focal point of security-related activities such as vulnerability assessments, penetration testing, code reviews, or threat analysis. It can be any type of software — a web application, mobile app, desktop program, embedded system, or backend service — that has been selected for systematic security scrutiny. By clearly defining a target application, security professionals establish the scope and boundaries of their evaluation efforts.

Identifying a target application is a critical first step in any security engagement, as it allows teams to map the application's attack surface, understand its architecture, and prioritize the discovery of vulnerabilities that could compromise data integrity, confidentiality, or availability. This focused approach ensures that defensive measures, such as patching, configuration hardening, and secure coding practices, are applied methodically to reduce risk and strengthen the application's overall security posture against evolving cyber threats.