Penetration Test vs. Vulnerability Assessment
A Vulnerability Assessment is a process of identifying and analyzing a system or network for any potential vulnerabilities, flaws or weaknesses that could leave it open to exploitation.
It is performed using:
- Full credentials Supplied or limited to basic user credentials dependent on level of test.
- Full access to Network diagrams and schematics.
- Full access to Configuration scripts and files.
A Penetration Test is essentially an evaluation of a system or networks current state of security and its likelihood to be susceptible to a successful attack by a malicious hacker or nefarious user. The process involves enumeration and scanning for any technical flaws or vulnerabilities. After such flaws are found, attempts are then made to penetrate inside the network and gain a foothold. Once this has been established, attempts are then made to utilize trusts and relationships to gain further ingress into the domain.
For a penetration test, please submit: