What’s the Difference Between a Vulnerability Scan and a PEN Test?

We find that customers often confuse a Vulnerability Scan with a Penetration (PEN) test. We've created the table below to show the differences.
Basically, a vulnerability scan is an automated, high-level test that looks for and reports potential vulnerabilities.
A penetration test is a detailed, hands-on examination by an actual person who tries to detect and exploit weaknesses in your system.
These tests are good steps toward maintaining cybersecurity compliance.


| | Vulnerability Assessment | Penetration “PEN” Testing |
|---|---|---|
| Performed by | Employee or Consultant | 3rd Party Ethical Hacker |
| Performed with | Script | Compilation of specific code |
| Tools Used | Qualys, Tenable, etc. | Nessus, Metasploit, Variety of tools |
| How Performed | Automated | Manual |
| Expertise | Low | High |
| Duration | 4 hours | 1-20 days |
| Period | Monthly or less | Yearly or more for incident response |
| False Positives | High | N/A |
| Profile | Passive | Dynamic |
| Disruptive | Low | High |
| Purpose | Review of weaknesses | Analysis of compromisable systems |
| Medical Analogy | Single X-ray | Series of MRIs |
| Motivation | Good Cyber Hygiene | Due Diligence |
| Results | List of open ports, missing patches | Description of attempts blocked or vulnerabilities |
| Looking to Identify | SW vulnerabilities | Insecure Business practices |
| Examples of Findings | Unpatched SW, obscure protocols… | Credential violations, clear text transmissions |
| Importance | Mandatory | Good practice |
| Remediation | Patching, Upgrading, … | Hardening, Re-design, vendor swap |
| Cost | $100/IP address | $15K |
| Variations | Scan | Black-Box: Zero knowledge of Network |
| | Assessment | Gray Box: Partial knowledge of Network |
| | | White Box: Full Knowledge of Network |