The difference between Penetration Testing and
There is a considerable amount of confusion in the industry regarding the differences between vulnerability scanning and penetration testing, as the two phrases are commonly interchanged. However, their meaning and implications are very different. A vulnerability assessment simply identifies and reports noted vulnerabilities, whereas a penetration test (Pen Test) attempts to exploit the vulnerabilities to determine whether unauthorized access or other malicious activity is possible. Penetration testing typically includes network penetration testing and application security testing as well as controls and processes around the networks and applications, and should occur from both outside the network trying to come in (external testing) and from inside the network.
Internal and External Network Penetration Test:
Cloud Security and Web Application Penetration Testing:
ATS will test your cloud infrastructure and applications (similar test procedures as network testing), specifically directed towards your cloud and web application infrastructure.
The reports will show all accessible information, such as:
- Server Software
- Server Vulnerabilities
- Application Vulnerabilities
- Compromised passwords
- Suggestions on implementing sound practices to help defend against such attacks
Social Engineering an anti-phishing e-mail Testing:
- Proof of Compromise
- Point of entry/entires
- Type of attack method used to gain access or entry
- Hardware, Software, and necessary training information, to strengthen security measures and prevent from future attacks
Black and White Box Testing:
ATS offers black and white box testing services.
The White box is when the client supplies the necessary information for ATS to focus an attack, this can include but not limited to users, IP addresses, network structures etc.
Black box testing is more like real world Attackers, ATS strives to get all information they require without any input from the client, ATS uses its results from previous tests in order to progress further on the attack.
Black box tests take longer to implement as all information has to be sourced via testing and social engineering. However, the results retrieved from this type of test will be able to explain where all your vulnerabilities are.