Have you ever had a situation that you have been involved in where someone was talking about a specific topic and you thought that they were referring to something completely different? Yeah, me neither! One of the challenges that we come across in IT Security Services is the frequent confusion and interchanging of terms that people think mean the same thing but in reality are very different. A great example of this is Vulnerability Scanning and Penetration Testing. These two concepts are often times misused and swapped out, creating some degree of confusion, lack of understanding, and disconnect within the conversation. The problem with this becomes that neither party knows what the other is talking about or they assume that the person is referring to one service, when in reality they are referring to a different service. So what are the differences between these two, often confused services that perform different functions? Here is a small list to help clarify some of the confusion out there:
Now that we have talked about some of the differences between a Vulnerability Scan and a Penetration Test, let’s turn to an area where they might be a little similar. That area would be the reporting aspect of both types of tests. A good, reputable IT Security Firm should provide you with a detailed report that will risk rank the vulnerability that exists as well as a remediation plan to ultimately mitigate that risk. The same holds true for a Penetration Test. The exploits that have been identified should be ranked in terms of severity of the danger that they pose to your organization and what steps need to be taken to mitigate that risk and ultimately lower your overall risk level.
Compass IT Compliance provides a variety of different solutions to meet both your Vulnerability Scanning and Penetration Testing needs. Click on the document below to download our Security Assessment Services brochure that will provide you with some additional information on how we can help you Secure your systems, Comply with various Federal, State, and Industry Regulations, and ultimately Save time and money in the process. Secure. Comply. Save.