Even seasoned cybersecurity professionals confuse penetration tests with vulnerability scans. Both play an important role in the security practitioner’s toolkit, but they vary significantly in scope and expense.
Here are answers to some common questions about the topic:
1. What Is Penetration Testing?
During a penetration test, highly skilled cybersecurity professionals assume the role of attacker and try to break into an organization’s network. Just as an attacker would, they conduct reconnaissance on the network and exploit vulnerabilities to gain a foothold on the network. These tests point out weaknesses that could be exploited by a real hacker and provide a roadmap for remediation.
2. What Is a Vulnerability Scanner and How Is It Used?
Vulnerability scanners are automated security testing tools that probe all of the systems connected to a network and identify vulnerabilities. They run thousands of security checks against each system they discover. Most organizations run automated vulnerability scans at least weekly to quickly identify vulnerabilities for remediation.
3. What Types of Vulnerabilities Are Usually Discovered?
Common issues include outdated OS versions that are missing security patches and are vulnerable to exploit; application security flaws, such as SQL injection and cross-site scripting vulnerabilities; and insecure configuration settings, such as weak encryption ciphers and the use of default passwords.
4. What’s the Difference Between the Two?
Both discover hidden weaknesses in systems, applications, network devices and other network-connected components. Vulnerability scanning is highly automated, while penetration testing is manual and time-consuming.
5. When Is One Better than the Other to Perform?
Most organizations combine them, running frequent vulnerability scans backed up by penetration tests. Penetration tests provide a comprehensive evaluation of a system’s or application’s security by exposing it to real attackers. Vulnerability scans can run constantly and scan very large networks but lack the human touch involved in a penetration test.