What is the difference between VA(Vulnerability Assessment) and PT(Penet

Post Reply
Posts: 1958
Joined: Tue Jul 30, 2019 2:22 pm

Wed Aug 14, 2019 2:18 pm

is the process of finding flaws on the target. Here, the organization knows that their system/network has flaws or weaknesses and want to find these flaws and prioritize the flaws for fixing.

Penetration Testing is the process of finding vulnerabilities on the target. In this case, the
Posts: 48
Joined: Wed Jan 29, 2020 2:36 pm

Thu Feb 13, 2020 11:48 am

Vulnerability Assessment is all about running the right tool at right place. It is more inclined towards finding the vulnerability in application/network and reporting them. In VA you come to know what the vulnerability is and what it can do but you don't explore how it can do . That “how” question is explored when you do Penetration Testing.

Penetration Testing is about exploiting the vulnerability either through tool or writing your own exploit code. In PT you explore how you can exploit the vulnerability found during the VA.

Post Reply