Debating the merits of vulnerability scans and penetration tests


Companies are struggling to keep up with a barrage of network security nightmares, including viruses, worms and hacker attacks. This makes it more difficult to protect core assets, such as sensitive personnel information, customers' credit card numbers and intellectual property. There are frequent reports of supposedly secure networks failing, resulting in lost revenue and damaged reputations.

To combat these increasing threats, network administrators must choose from a host of products, services and practices. Two common solutions are penetration testing and vulnerability scanning. These solutions are often lumped together, but there are significant differences between them. Vulnerability scans identify potential problems based on an evaluation of a network's defenses and known vulnerabilities. Penetration testing reveals more information about a network by actively attacking a system, probing all defenses and revealing real, not theoretical, vulnerabilities. Computerworld | Debating the merits of vulnerability scans and penetration tests

Linked by shanmuga Monday, 2nd January 2006 10:23PM