VA vs Pentest (Cybersecurity)
For anyone who has to learn in cybersecurity, We should know about what difference between VA (Vulnerability Assessment) and Pentest.
VA and Pentest might be similar in term of goal their goal is to reduce the risks in the systems by simulating that if there is a hacker will hack our system how much damages that hacker can do. By giving people or programs come to test the hacking system and bring the result is a list of the various vulnerabilities obtained from the test to improve the system to be.
So what different between this VA and Pentest?
We can classify by this normally VA will find a vulnerability in the network or web system by using a program to scan automatically by inserting the IP / CIDR, subnet or URL come to find the main vulnerability.
On the other hand, the pentest method is often referred to as a deeper penetration test than the VA, using people to analyze the system in depth to find vulnerabilities. That requires expertise Trial and error Programming Including trying to really attack that can attack and follow the result of the attack.
Someone might ask why we don’t test our system with the pentest because of pentest have more efficient in terms of security. The answer is very simple “Money” because of pentest usually cost much more than pentest. Finally, it doesn’t have the right way to run your system it depends on how much the risks that system you can take.
