[Owasp-manila] Pentest vs. VA

Drexx Laggui [personal] drexxl at gmail.com
Sat Apr 26 14:05:07 UTC 2014


26Apr2014 (UTC +8)

On Sat, Apr 26, 2014 at 11:02 AM, Ariel Moncayo <ariel.moncayo at owasp.org> wrote:
> Thanks Mhike :)
>
> Follow-up questions: is there difference on the tools that are being use
> when you are conducting a VA and Pentest?

Think of a VA as a subset of a PenTest work... thus after using VA
tools, finding out what can be done, a pentester builds a custom set
of exploits to lay down on a target.



Drexx Laggui  -- CISA, CISSP, CFE Associate, ISO27001 LA, CCSI, CSA
http://www.laggui.com  ( Manila & California )
Computer forensics; Penetration testing; QMS & ISMS developers; K-Transfer
PGP fingerprint = 0117 15C5 F3B1 6564 59EA  6013 1308 9A66 41A2 3F9B


More information about the Owasp-manila mailing list