The difference between a vulnerability assessment and a penetration test is that a vulnerability
searches and checks the infrastructure to detect vulnerabilities, whereas penetration testing intends
to exploit the vulnerabilities to probe the damage that could result from the vulnerabilities.
and penetration tests are different names for the same activity.
is executed by automated tools, whereas penetration testing is a totally manual process.
is executed by commercial tools, whereas penetration testing is executed by public processes.
The objective of a vulnerability assessment is to find the security holds in the computers and
elements analyzed; its intent is not to damage the infrastructure. The intent of penetration testing
is to imitate a hacker’s activities and determine how far they could go into the network. They are
not the same; they have different approaches. Vulnerability assessments and penetration testing
can be executed by automated or manual tools or processes and can be executed by commercial
or free tools.