Penetration Tester vs Vulnerability Assessor

0 votes
I am facing a lot of confusion in understanding the difference between a Penetration Tester and a Vulnerability Assessor. I don't need a comparison table, etc. I just need the difference explained in a Simple Way. Thanks
Jan 2, 2019 in Career Counselling by Vidhyut
 • 1,170 points 737 views

2 answers to this question.

0 votes

This is a very common confusion because when you look at what a Penetration Tester does and what a Vulnerability Assessor does, you won't see much difference. Let me put it in simple words for you. 

Both Penetration Tester and Vulnerability Assessor do the same thing i.e., find vulnerabilities, try to exploit them and then report the issue to the company so that the company can increase the security. But the difference comes in, what kind of companies they do this for.

Penetration Tester finds vulnerabilities for a company that has covered and provided security to the application/software as much as they could think of. Now, they want to find if there are other vulnerabilities that they missed. Here, a Penetration Tester helps them find these issues.

There are few companies that have not provided security to application/software. They know that there are issues, but they do not know how to prioritize those issues. So, a Vulnerability Assessor goes through these issues and helps prioritize which issue should be addressed and solved first.   

To know more about it, it is recommended to take the Master's in CyberSecurity Program today.

answered Jan 2, 2019 by Sangar
edited Jun 2, 2023 by Srinath
0 votes

Hello Vidhyut, A Penetration tester manually conducts an assessment on a target to uncover vulnerabilities by exploiting them. The goal is to gain unauthorized access through exploitation which can be used to emulate the intent of a malicious hacker. A pentester often uses following phases:

  • Reconnaissance
  • Scanning and enumeration
  • Exploitation
  • Post-exploitation
  • Covering tracks

While a Vulnerability assessor, or VA, identifies threats and vulnerabilities on a target by using automated vulnerability scanners. This sometimes includes a range of manual testing with additional tools to further evaluate the security of applications or networks and to verify vulnerabilities discovered by the scanning applications.

answered Jun 11, 2019 by Ritvik

Related Questions In Career Counselling

0 votes
2 answers

Penetration Tester career path

Hey Vidhyut, Penetration testers are able to ...READ MORE

answered Jun 11, 2019 in Career Counselling by Karuna
 844 views
0 votes
1 answer

Penetration Tester future path

No, Penetration Testing is not the end ...READ MORE

answered Jan 2, 2019 in Career Counselling by Neil
 512 views
0 votes
3 answers

Penetration Tester Skills

A Penetration tester should have following skills: Expert ...READ MORE

answered Jun 11, 2019 in Career Counselling by Chandra
 698 views
0 votes
2 answers

Penetration Tester Certifications

Hey Vidhyut, these are some of the ...READ MORE

answered Jun 11, 2019 in Career Counselling by Farhan
 1,138 views
0 votes
2 answers

Salary for Security Administrator

For freshers, if you have good certifications and skills, then ...READ MORE

answered Apr 9, 2019 in Career Counselling by Sunny
 861 views
0 votes
2 answers

What skills do Security Administrator need?

A Security Admin must have excellent knowledge ...READ MORE

answered Apr 9, 2019 in Career Counselling by Sandeep
 849 views
0 votes
3 answers

What does a Security Administrator do?

A Security Admin is a person who ...READ MORE

answered Apr 9, 2019 in Career Counselling by Sandy
 1,129 views
0 votes
2 answers

Security Administrator Tools

The Top free tools being used by ...READ MORE

answered Apr 9, 2019 in Career Counselling by Sharan
 831 views
0 votes
3 answers

What does a Penetration Tester do?

Hi Vidhyut, some of the responsibilities of ...READ MORE

answered May 30, 2019 in Career Counselling by Umesh
 1,117 views
0 votes
3 answers

Penetration Tester Salary in 2019

This varies on the location, company, and ...READ MORE

answered Mar 6, 2019 in Career Counselling by Rashmi
 1,787 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.