
A network vulnerability assessment is the process of reviewing and analyzing a computer network for possible security vulnerabilities and loopholes.

It is used by network administrators to evaluate the security architecture and defense of a network against possible vulnerabilities and threats.

Techopedia explains Network Vulnerability Assessment

A network vulnerability assessment helps network administrators or network security staff to assess the security strength of a particular network. The key objective of this assessment is to find any vulnerabilities that can compromise the overall security, privacy and operations of the network.

A network vulnerability assessment is a broad process that includes tasks such as:

  • Security control check
  • Identifying, quantifying and prioritizing network threats
  • Router/Wi-Fi password analysis
  • Reviewing network strength against network-based attacks such as:
    • Distributed denial of service (DDoS)
    • Man-in-the-middle attack (MITM)
    • Network intrusion
  • Device-level security analysis (router, switch, computer)
  • Scanning for known and potential threats and vulnerabilities

When a network vulnerability assessment is performed, it serves as an input to network/information security policy and associated security products. It is generally done through a combination of automated network vulnerability scanning tools and the technical judgment of security staff. Once completed, the assessment recommends a strategy of action to mitigate and resolve the identified vulnerabilities.

Penetration testing vs. vulnerability assessment at a glance

Take a look at a quick questionnaire, which lays bare the differences between the two techniques:

How often to perform the service?

Vulnerability assessment: Once a month, plus additional testing after changes in the network.

Penetration testing: Once a year at the least.

What’s in the report?

Vulnerability assessment: A comprehensive list of vulnerabilities, which may include false positives.

Penetration testing: A “call to action” document. It lists the vulnerabilities that were successfully exploited.

Who performs the service?

Vulnerability assessment: In-house security staff or a third-party vendor.

Penetration testing: A provider of penetration testing services.

What’s the value of the service?

Vulnerability assessment: Uncovers a wide range of possible vulnerabilities.

Penetration testing: Shows exploitable vulnerabilities.

Vulnerability assessment vs. penetration testing: the choice of vendor

The differences between vulnerability assessment and penetration testing show that both security testing services are worth taking on board to guard network security. Vulnerability assessment is good for security maintenance, while penetration testing discovers real security weaknesses.

It’s possible to take advantage of both services only if you contract a high-quality vendor who understands and, most importantly, conveys to the customer the difference between penetration testing and vulnerability assessment. In penetration testing, a good vendor combines automation with manual work (giving preference to the latter) and doesn’t include false positives in the report. In vulnerability assessment, the vendor uncovers a wide range of possible network vulnerabilities and reports them according to their severity to the customer’s business.
