Pen Tests vs Vulnerability Scans
Many different ways exist to improve the security posture of your company and most ways offer different advantages. But every action that can be taken to improve your security must be taken. One of these choices is simply not enough to ensure the security of a system or network.
If you were to check a house for ways to get in you would look around it checking for open doors or windows. This is similar to a vulnerability scan, it will scan the network looking for open ports which is where and attacker could potentially get in.
Where as a penetration test would learn the layout of the house and try to clone your key. Both of these approaches have their advantages.
Vulnerability Scan or Assessment
A vulnerability scanner purpose is to identify known vulnerabilities on a known areas of a network or system. It gives areas of the system a “look over” and checks to see if it has seen that configuration before and if it matches a database of known vulnerabilities.
This allows vulnerability scans to be done at a lower price than other options but often means they will be plagued with false positives and may not show all the vulnerabilities possible on a bespoke application. It does not test areas specific to your application or understand the workflow of your application and use that to exploit the application. Vulnerability scans are a fantastic supplement to a pre-existing penetration test but should never be used as a replacement.
Penetration Test
A penetration test brings a human element which cannot be replicated. Not only will an experienced penetration tester look for known vulnerabilities with an application but it will develop exploits specific to your application and methods which will work specifically against your system in the same way an adversary would. False positives can be manually checked disqualified from any reporting.
But one person cannot identify all available vulnerabilities so they will use tools to automate the process of vulnerability detection but will turn this process up a notch using their intuition and experience to find exploits that vulnerability scanners cannot pick up. This service usually comes at a premium due to the expert knowledge and techniques required to take advantage of these things but the support and feedback that can come from a penetration test in unparalleled.