Jon Helmus


Back to Basics: Vulnerability Assessments vs Penetration Test

The chances are that you have heard the term vulnerability assessment used interchangeably with pentest, or vice versa. If you haven’t, consider yourself lucky (or perhaps you work with orgs keeping up with the times). There is also a good chance that you have been part of a team that performs penetration tests and been asked to perform a test, only to find out it isn’t a pentest but just a vulnerability assessment. The purpose of this quick read is to help illustrate the great differences between vulnerability assessments and pentests.

Vulnerability Assessments vs Pentesting

Vulnerability Assessment

A vulnerability assessment identifies issues such as system vulnerabilities and some misconfigurations on hosts within a network. Also known as targets, these hosts are typically scanned with some type of network or system scanning tool such as Nessus, Nexpose, or OpenVAS. The tools scan the hosts and deliver a report based on the results of the scan. Different types of scans can be run for different results or reasons.

  • Credentialed scans allow the scanners to fully scan the machines and find both internal and external vulnerabilities on the host. These are the preferred scans because they give a full picture of the hosts and the vulnerability landscape.
  • Compliance scans are used to ensure that the organization is running at a level that falls within the compliance minimum. If the compliance minimum is not met, the business cannot operate and generate revenue.
  • Specialized scans are used to help detect misconfigurations that can lead to potential exploitation based on popular vulnerabilities. A common example is a scan for public exploits such as BlueKeep, a misconfiguration in remote desktop (RDP) that allows admin-level access to vulnerable hosts.

Penetration Test

Like a vulnerability assessment, a penetration test is deployed to discover vulnerabilities within a target system. However, it also highlights the impact those vulnerabilities have on the organization by exploiting them and performing post-exploitation techniques such as lateral movement and privilege escalation. This shows whether a discovered vulnerability is genuine and how it should be reported back to the customer or organization.

Differences

Breadth vs. depth

A vulnerability assessment only uncovers the issues within the network, and it should be deployed regularly so that organizations stay on top of what is in their network and the issues it has. Additionally, it is a wonderful task to deploy for less mature organizations attempting to get an idea of their overall security posture. It is recommended that companies with smaller budgets.

Penetration testing helps test against norms and culture issues that leak into technology. For example, a company may think it has the highest maturity level of defenses — a penetration test can test that assumption by exploiting the defenses.

Automation

Vulnerability assessments are much easier to automate because scanners typically have timers associated with them that allow administrators to schedule scans during off-hours and less busy hours, which helps generate less noise in the network. A penetration test is best executed manually; however, automated tools can help with some tasks during a penetration test.
