“37.0 percent of companies in Germany do not regularly train their employees on topics such as spam or phishing. (…) Only every third company (35.5 percent) has a patch management policy. Yet security gaps in...
What is actually the difference between a Vulnerability Scan and a Penetration Test? There seem to be interesting misconceptions about this, as we would like to show with the following practical example.
If we closely review the ISO 27001:2013 standard or the draft of the new 27001:2022, we see that the terms penetration testing and vulnerability scanning are not explicitly mentioned either as requirements or as a...
Thomas Neeff
