Vulnerability assessments scan a system or host and report any known vulnerabilities the scanner can detect.
Vulnerability assessments normally use a commercial automated scanning engine and are therefore different from a penetration test, where a human tester uses a variety of methods to identify and verify vulnerabilities.
Vulnerability assessments are very useful as complementary testing to an annual penetration test, as they can be run more regularly to identify new potential vulnerabilities in between the more detailed penetration tests.
There are some limitations to vulnerability assessments. Vulnerability scans can produce what are known as "false positives": the scanning engine infers that a vulnerability is present from a set of criteria, typically a version string in a service banner or a fingerprint of a response, without confirming that the flaw is actually exploitable, and these inferences can be wrong. During a penetration test the human tester will still use scanning engines as one method of identifying host vulnerabilities, but will also verify each finding using manual testing methods before reporting it.
Most vulnerability assessments are performed externally and are generally unauthenticated. This means that the scan only reviews the systems and services exposed to the Internet. Unauthenticated testing does not log in to the system, and therefore does not review the areas of the system that are only available to a logged-in user. Penetration tests can be unauthenticated, authenticated, or both, depending on the requirements for the test.
Armadillo Sec offer a range of vulnerability and penetration services, details can be found on our website: https://www.armadillosec.co.uk/vulnerability-assessments/