A Vulnerability Assessment also known as Vulnerability Testing attempts to discover security issues within applications or infrastructure the way a penetration test does, however, a vulnerability assessment does not verify the existence of the vulnerability by attempting exploitation. Instead as much evidence as possible is recovered to support the finding without attempting exploitation. There are two types of vulnerability assessment, manual and automated.
Our reports base on Manual Vulnerability Testing or/and Automated Vulnerability Assessment. A Manual Vulnerability Assessment follows our penetration testing methodology and is performed manually by a consultant, an automated vulnerability test is performed by software. However, during a vulnerability assessment the exploitation phase is removed from the test.