Title: Difference between External & Internal vulnerability scanning ?
Post by: crossover on July 05, 2010, 06:22:22 PM
What is the difference between external and internal vulnerability scanning ?
likewise for internal and external pen testing?
Title: Re: Difference between External & Internal vulnerability scanning ?
Post by: hayabusa on July 05, 2010, 06:59:29 PM
Depends on your specific situation, as to which of the following apply. But in general, a quick answer...
a.) External assumes you're testing from the outside ( beyond the corporate firewalls / routers, etc )
b.) nternal assumes you've got physical / local access to the network and machines being tested, and are testing from the perspective of someone on the inside of the corporate firewalls / routers.
Now, you could also be referring to the people performing the testing, in which case:
a.) External assumes you're paying someone from the outside (another company) to do the testing.
b.) Internal means you have someone on staff doing the testing.
Clear enough? :)