<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1703665079923990&amp;ev=PageView&amp;noscript=1">

BLOG

Penetration Test or Risk Assessment? Follow our Flowchart to Find Out!

Posted by INFOGRESSIVE TEAM on 8/10/17 1:02 PM

<< Back to Blog

It’s not uncommon for the terms ‘Risk Assessment’ and ‘Penetration Test’ to be used interchangeably. The truth is, the two are very different.

A risk assessment typically involves

  • Identifying areas of vulnerability or potential weakness
  • Providing a roadmap to a stronger security posture

Penetration tests take that one step further

  • Actively exploiting those vulnerabilities
  • Determine the true ramifications of a breach to your network
  • A real person thinking like…well, a real person.

 

Our Advice?

Know what you’re buying! You would not believe the number of times we have seen a vulnerability scan or a risk assessment sold as if they were penetration tests. Both of these services are necessary to maintain a secure network, but the key is to know up-front what you want to achieve and to ask your security vendor the right questions.

Your organization’s size, industry, and current security posture are all factors that play a big role in determining what service is right for you. Be sure to find a security provider that you can trust to lead you down the correct path.

Check out our basic flowchart that you can use to determine which service is the best one to use for you and your organization.

Final-flowchart-01-copy-768x884

If you fell into the ‘ask the experts’ category, need more information, or want to talk to us about getting the ball rolling with one of our services, don’t hesitate to contact us.

 

New call-to-action

 

 

<< Back to Blog

Posted in Penetration Tests, Risk Assessment, Professional Services