#hacking #vulnerability #enumeration #footprinting [source](https://academy.hackthebox.com/module/108/section/1160) also see [[hacking/HackTheBox/modules/Vulnerability Assessment/notes|notes]]

Every organization must perform different types of `security assessments` on its `networks`, `computers`, and `applications` at regular intervals. The primary purpose of most security assessments is to identify and confirm the presence of vulnerabilities so that the organization can `patch`, `mitigate`, or `remove` them. There are different ways and methodologies to test how secure a computer system is, and some types of assessment are more appropriate for a given network than others, but all of them serve a purpose in improving security.

All organizations have different compliance requirements and risk tolerances, face different threats, and have business models that determine which types of systems they run externally and internally. Some organizations have a much more mature security posture than their peers and can focus on advanced red team simulations conducted by third parties, while others are still working to establish baseline security. Regardless, every organization must stay on top of both legacy and recent vulnerabilities and have a system for detecting and mitigating risks to its systems and data.

---

## Vulnerability Assessment

`Vulnerability assessments` are appropriate for all organizations and networks. A vulnerability assessment is based on a particular security standard, and compliance with that standard is analyzed (e.g., by working through a checklist). Which standards apply to a particular network depends on many factors, including industry-specific and regional data security regulations, the size and shape of the company's network, the types of applications it uses or develops, and its security maturity level.

Vulnerability assessments may be performed independently or alongside other security assessments, depending on the organization's situation.

---

## Penetration Test

Here at `Hack The Box`, we love penetration tests, otherwise known as pentests. Our labs and many of our other Academy courses focus on pentesting. They are called penetration tests because testers conduct them to determine if and how they can penetrate a network. A pentest is a type of simulated cyber attack: pentesters carry out actions that a threat actor might perform to see whether particular kinds of exploits are possible. The key difference between a pentest and an actual cyber attack is that the former is done with the full legal consent of the entity being tested. Whether the pentester is an employee or a third-party contractor, they will need to sign a lengthy legal agreement with the target organization that defines what they are and are not allowed to do.