Tuesday, April 25, 2006

Penetration Testing vs Vulnerability Assessment

Informative post on the difference between pen testing and vulnerability assessment:

Penetration Testing vs Vulnerability Assessment

This post brings up an important point. What most companies are looking for, at least initially, is a vulnerability assessment. This allows you to generate a list of problems with your infrastructure that may need repair or some other form of mitigation. This can take the form of a security audit, where you have some outside consultant come in and run all kinds of tests against your network, or it can take the form of some form of vulnerability scanning product, such as the one offered by Qualys.

0 Comments:

Post a Comment

Links to this post:

Create a Link

<< Home