|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Vulnerability Assessment vs. PenTest
lakshminarayanan79
yahoo.com
Date: Sun Aug 20 2006 - 23:14:36 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
VAs still have values. For example, when an security admin want to know the threat level of the network, VA provides information about various vulnerable machines and ports. As you said, VAs do not exploit the vulnerability.
But Pen.Test do exploit the vulnerabilities and have to be done carefully. Pen. Test is not as frequent as VAs. Because during pentest, assets are attacked and security is compromised. But during VAs it is simply studying the current security posture.
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]