Conventional ways of security assessment
A quick comparison of traditional security testing methods.
| Approach | Goals | Limitations |
|---|---|---|
| Manual pentest (pentest) | Show real attack vectors | Limited scope / infrastructure segment, and performed rarely |
| Vulnerability scanner (VM) | Detect known vulnerabilities | Doesn’t show which vulnerabilities can actually be exploited |
| Attack simulation | Simulate attack on real infrastructure | Only predefined scenarios |
Data Analysis Processes