What is the difference between penetration testing and vulnerability scanning?
Vulnerability scans are automated tests that identify vulnerabilities in organisations’ systems and applications.
Penetration testing is much more rigorous than vulnerability scanning, as it’s essentially a controlled form of hacking. The tester – known as an ethical hacker – works on behalf of an organisation and looks for vulnerabilities in its systems.
In that regard, their actual work is much the same as a criminal hacker's. Indeed, unlike vulnerability scans, penetration tests are designed not only to identify weaknesses but also to exploit them.
Doing this demonstrates to an organisation exactly how a cyber criminal would infiltrate its systems and what information they could access.
Info: IT Governance