In some organizations these terms are used interchangeably to identify processes meant to root out weaknesses in applications and infrastructure. That usage reflects the perception of general consumers and beginners, and is a way of expressing a need related to this domain. Industry professionals who carry out Vulnerability Assessment and Penetration Testing (VAPT) with extensive working knowledge and expertise know that the two terms refer to two different needs and requirements, and that the processes for carrying them out are completely different, not to mention the cost involved.
Vulnerability assessment (VA)
Vulnerability assessment (VA) involves carrying out vulnerability scans, usually with automated tools and some manual support, to identify known weaknesses in a target enterprise. These scans can be as perfunctory as a port scan, or a scan for PCI compliance or the OWASP Top Ten vulnerabilities. The market is full of good tools that meet any need, and a properly scoped vulnerability scan can reveal a lot about an environment, including unapplied patches, vulnerable software versions, common weaknesses in applications and gaps in network controls like firewalls. What a vulnerability scan cannot do is exploit those weaknesses to prove their severity or determine the extent of the control environment's potential for compromise. A vulnerability scan also often cannot identify when other controls in an environment might mitigate a vulnerability and render it useless as an exploit.
In general, the scope of work typically involves using an off-the-shelf software package, whether open source or commercial, to scan an IP address or a range of host IP addresses for known vulnerabilities. The software then produces a report that lists the vulnerabilities found and (depending on the software and options selected) gives an indication of the severity of each vulnerability and basic remediation steps. A typical generic vulnerability scanner is run against a host to perform either credentialed or non-credentialed scanning, collecting surface-level and in-depth vulnerability assessment information from the IP host involved. A generic vulnerability scanner covers almost everything, but its coverage is relatively superficial compared with purpose-built vulnerability scanners that target web applications, databases, wireless, network devices, mobile applications and so on.
Running a vulnerability assessment is a good starting point for focusing on the most critical assets of your environment that support the business and for detecting where vulnerabilities might be. It is also more cost effective than engaging penetration testing services. The goal of the vulnerability assessment is to scan and list all the vulnerabilities in your network, server or application assets, and also to explain what can be achieved if they are exploited. A list of recommendations is usually provided. From there, you can carry out the recommendations to close the vulnerabilities identified. If penetration testing is to be carried out, it should always be based on the vulnerability assessment report as a baseline for determining what matters most and is worth considering for penetration testing (if it is really required, given the time and cost involved).
Penetration Testing (PT)
A penetration test can use a vulnerability scan; in fact, reconnaissance is part of any attack against an enterprise. Penetration tests usually involve manual effort as well as penetration testing and exploit development/testing software, though a very basic penetration test can be performed by an assortment of tools that seek to exploit the most basic vulnerabilities and deliver a payload. These are good for identifying issues in less secure or less mature environments that lack good detective controls or have a poor understanding of how their environment is constructed. More mature environments with the resources and technology to provide multiple layers of protection may be able to detect and mitigate these simpler penetration tests. A good manual penetration test with skilled practitioners can reveal the less obvious holes in a control environment, the sort that result in major compromises in the real world.
In general, penetration testing starts from the vulnerability scan, takes the potential vulnerabilities it identified, and attempts to exploit them, i.e. vulnerability verification and confirmation of exploitability. Depending on the nature and type of the vulnerability, whether it is in a web application, server, database or wireless network, the penetration tester will use various specific off-the-shelf tools or write their own scripts and exploits from scratch using penetration testing or exploit development/testing software.
Know your needs and requirements prior to VAPT
Every organization is different. Therefore, you need to understand the specific assets you need to protect, know who owns the assets and what their value is, and know the budget you can afford. A vulnerability scanner involves an ongoing maintenance cost to keep it providing the latest and relevant vulnerability information. If it is a one-time or ad hoc job, you should consider outsourcing it to someone who performs it as a one-time service; that is more cost effective, because no ongoing cost is incurred for a tool you may no longer need in the future.
A penetration testing tool costs more than a vulnerability scanner tool; again, cost is a factor.
Feel free to contact E-SPIN for your vulnerability assessment and penetration testing (VAPT). E-SPIN has been in this business since 2005. Whether you are procuring the tool, training your employees to do it, or outsourcing it to us as a project service (one time, project duration, or routine service under managed services), E-SPIN should have the option and package that addresses your needs and requirements.