Security Glossary

Definition

What is Vulnerability Assessment?

A systematic process of identifying, classifying, and prioritizing security weaknesses in a system without attempting to exploit them. Unlike penetration testing, vulnerability assessments rely primarily on automated scanners to produce a broad inventory of potential risks ranked by severity. They are typically faster, lower-cost, and less disruptive than penetration tests, and serve as a starting point for remediation planning rather than proof of exploitability.

Related terms

Penetration Testing
A structured, authorized simulation of a real-world cyberattack against a system, network, or application with the goal of identifying exploitable vulnerabilities before malicious actors do.
CVSS Score
A standardized numerical score from 0 to 10 that rates the severity of a security vulnerability based on its exploitability and potential impact.
Common Vulnerabilities and Exposures (CVE)
A public catalog of disclosed security vulnerabilities, each assigned a unique identifier in the format CVE-YEAR-NUMBER (e.g., CVE-2021-44228 for Log4Shell).
Dynamic Application Security Testing (DAST)
A black-box security testing technique that analyzes a running application from the outside by sending malicious inputs and observing its responses, without access to source code.