Is a Penetration Test the same as a Vulnerability Assessment?
Some may use the terms Penetration Test and Vulnerability Assessment interchangeably when actually, they are different types of engagements that yield similar but different results. A vulnerability assessment and a penetration test are not mutually exclusive. They can both leverage the same tactics and techniques to achieve your organizational goals.
Wildcard utilizes the Open Source Security Testing Methodology Manual (OSSTMM) and the Penetration Testing Execution Standard (PTES) as the foundation for security assessment methodology. Our methodology allows for our assessments to be efficient and repeatable processes that evaluates every vector for potential compromise. Our experienced penetration testers will assess your environment in a manner that maximizes the value provided to your organization. Upon completion of the assessment, Wildcard delivers a detailed report outlining our findings. Vulnerabilities and exploits will be explained in a manner that is easy to digest. Our assessors are able to contextualize our findings so that they are relevant and actionable.
A penetration test delivers a narrative of how a firm conducted targeted attacks to achieve a specific objective. For example, an organization wants to determine if an outside entity could obtain a domain administrator’s username and password.
A vulnerability assessment seeks to be more comprehensive than a penetration test and enumerates all of the potential attack vectors and vulnerabilities that could negatively impact an organization. The vulnerability assessment will then provide context to rank the level of impact associated with each finding.