1. The act of determining vulnerabilities in a targeted system or network. (Common examples include port scanning and open network traffic analysis.)
Source: Cyber Threats to Elections – A Lexicon, Cyber Threat Intelligence Integration Center & Office of the Director of National Intelligence, https://www.dni.gov/files/CTIIC/documents/CTIIC_2018_Lexicon_without_banner_small_file_for_Post.pdf
2. An action to discover malicious tools or vulnerabilities in a targeted system or network.
Source: U.S. Cyberspace Solarium Commission, March 2020, https://subscriber.politicopro.com/f/?id=00000170-c638-d8f7-a7f1-f63b33510000