Brief about Vulnerability Assessment and Penetration Testing
What is Vulnerability Assessment and Penetration Testing?
Vulnerability Assessment and Penetration Testing is a technical process of finding out the flaws in an application and exploiting those vulnerabilities. Often people use the terms “Vulnerability Assessment” and “Penetration Testing” interchangeably. It is because of the fact that we carry out Vulnerability Assessment and Penetration Testing in the combination with each other. However, these two are different terms and have their own strengths.
Why should we go for Vulnerability Assessment and Penetration Testing?
Vulnerability Assessment and Penetration Testing (VAPT) offers lot of benefits to an organization. Lets have a look at some of these benefits:
- It helps the business get a detailed view of impending threats in an application.
- VAPT enables the enterprises to protect their application or network from malicious attacks.
- It provides risk management
- Protects the business from loss of money and reputation
What is the difference between Vulnerability Assessment and Penetration Testing?
Vulnerability Assessment is the process of finding out the vulnerabilities present in the system and prioritizing them on the basis of their severity or business criticality . Our sole objective is to make sure that we list all the loopholes present in the system without missing any of them. It is often an automated process and we use various tools and scanners in listing out the vulnerabilities. Vulnerability Assessment is non-intrusive process and can be easily carried out without affecting the infrastructure or normal functioning of the application.
Penetration Testing is the next step after Vulnerability Assessment and it makes use of the list of flaws or loopholes found in previous step. In Penetration Testing, we actually exploit those vulnerabilities as a part of proof-of-concept approach. We think like a real attacker and test the out the defenses and try to break into the application. For Penetration Testing also we use some automated tools to penetrate into the application. However it is intrusive process and can cause damage to the infrastructure or working of the application. It should always be carried out by a professions and experienced Penetration Tester or ethical hacker.
What are the different tools for VAPT?
There are various tools available in market that we use for Vulnerability Assessment and Penetration Testing. We use some of these tools just to do the Vulnerability Assessment and for Penetration Testing we use manual approach. Some of the tools that we use are open source while we have to purchase license for others. Following are some of the tools that we often use:
- Nessus
- Burp Suite (Penetration Testing)
- Nmap
- Accunetix
- Metasploit (Penetration Testing)
While using any of the tools one should keep in mind about – False Positives and False Negatives. When the tool reports a particular Vulnerability that actually doesn’t exist then we call it a False Positive. In the same way, when the tool doesn’t report a particular Vulnerability which actually exist then we call it a False Negative. So one should always go for manual round of verification and simply not rely upon the results or report generated by these tools.
VAPT Methodology
VAPT is comprised of primarily 4 phases. Each phase then consists of different activities. It is similar to Software Development Life Cycle (SDLC).
- Reconnaissance
- Enumeration
- Vulnerability Assessment
- Exploitation
In next few posts, we will learn in detail about each of these phases.