[Owasp-manila] Pentest vs. VA

Ariel Moncayo ariel.moncayo at owasp.org
Sat Apr 26 03:02:27 UTC 2014


Thanks Mhike :)

Follow-up questions: is there difference on the tools that are being use
when you are conducting a VA and Pentest?

On Saturday, April 26, 2014, Michael Dungog <michael.dungog at wasp.org> wrote:

> Vulnerability Assessment (VA) looks for known vulnerabilities in a system
> or a process of identifying and quantifying vulnerabilities in an
> environment while a Penetration Tester is designed to actually exploit
> weaknesses or simulates the actions of an external/internal attacker that
> aims to breach the security of the organization.
>
> The only key aspect of a VA are list-orientation while PenTest are
> goal-orientation.
>
> ---
> Michael
>
> > On 26 Apr, 2014, at 10:18 am, Ariel Moncayo <ariel.moncayo at owasp.org<javascript:;>>
> wrote:
> >
> > Hello guys,
> >
> > Please share your thoughts regarding the difference between VA and
> Pentest.
> >
> > Thanks,
> > Ayeah
> > _______________________________________________
> > Owasp-manila mailing list
> > Owasp-manila at lists.owasp.org <javascript:;>
> > https://lists.owasp.org/mailman/listinfo/owasp-manila
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.owasp.org/mailman/private/owasp-manila/attachments/20140426/c6ada0d4/attachment.html>


More information about the Owasp-manila mailing list