Vulnerability scanning is very often confused with penetration testing but there are some major differences between the two.
• A vulnerability scan is automated high-level test that looks for potential security vulnerabilities, while a penetration test is an exhaustive examination that includes a live person digging into your network’s complexities to exploit the weakness in your systems.
• A vulnerability scan only identifies vulnerabilities, while a penetration tester digs deeper to identify the root cause of the vulnerability that allows access to secure systems or stored sensitive data. The pen tester also looks for business logic vulnerabilities that might be missed by an automatic scanner.
• Vulnerability scans can be instigated manually or on an automated basis and will complete in as little as several minutes to as long as several hours.