24 Hour Support Desk (905) 307-4357



Vulnerability Assessments and Penetration Testing


Vulnerability Assessments and Penetration Testing

This entry was posted on by Maria Kelebeev.
penetration testing

While the terms Vulnerability Assessments and Penetration Testing may be familiar and frequently used in security conversations, there is still some ambiguity about what they mean.
Both play a vital role in a well-rounded security plan and vulnerability management, and knowing which to use and when to use it is important.

Vulnerability Assessments

A vulnerability assessment determines the extent of the vulnerability of a system and what it might be susceptible to. Such an assessment delivers a list of vulnerabilities along with an estimate of how extensive and how severe the risks are. Vulnerability assessments are performed with the help of automation tools and the results are then evaluated. Specific recommendations are made, with the most suitable remedy to reduce each risk.

Penetration Testing

Penetration testing is less about flagging the potential risk and more about simulating a real attack and analyzing how the system behaves in the event of an attack. Existing defenses are tested to see if they hold up and path are sought out to see if the protection can be maneuvered about. Penetration testing is also done using automation tools.
The Main Difference
Penetration testing is goal oriented and is about causing a break-in.
Vulnerability assessments are list oriented, collecting all possible vulnerabilities and suggesting ways to protect the system.

What to Use When

Since they are similar in their tools and techniques, here is a brief description of where and when to use what.

Penetration testing is particularly useful when the security level of a system is more mature, when the target is believed to have a strong defence system in place.

Vulnerability Assessments are more suitable in organizations that are just starting to establish their defences. Because a vulnerability assessment indicates where the weaknesses are that need to be addressed, it is more suitable for a situation where breadth rather than depth is required.

Looking for guidance in matter of Cyber Security, feel free to browse though our security page, or reach out to us for a security assessment.

Join our newsletter!

Facebook Twitter Linkedin
Maria Kelebeev on EmailMaria Kelebeev on Linkedin
Maria Kelebeev
Maria Kelebeev
Digital Marketing Manager at MBC Managed IT
For more information call us at: (905) 307-4357 or fill out our contact form and we’ll reach out to you.
Latest tweets from MBC:

Our executive vice-president, Tammy Nyman, was named the 2019 CDN Women in the IT Channel Mentor of the Year! CDN has just released an article highlighting why she was chosen to be honoured at the award event on August 22nd. Click here for the full story! channeldailynews.com/news/201… pic.twitter.com/KaPIegqJv2

From MBC's Twitter via Hootsuite Inc.

Join our newsletter!