Home page logo

pen-test logo Penetration Testing mailing list archives

Re: Vulnerability Assessment vs. PenTest
From: lakshminarayanan79 () yahoo com
Date: 21 Aug 2006 04:14:36 -0000

VAs still have values. For example, when an security admin want to know the threat level of the network, VA provides 
information about various vulnerable machines and ports. As you said, VAs do not exploit the vulnerability.

But Pen.Test do exploit the vulnerabilities and have to be done carefully. Pen. Test is not as frequent as VAs. Because 
during pentest, assets are attacked and security is compromised. But during VAs it is simply studying the current 
security posture.

This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]