Penetration test and vulnerability assessment

=What is the difference between a vulnerability scan and a penetration test?= A vulnerability scan (or even a vulnerability assessment) looks for known vulnerabilities in a system and reports potential exposures. A penetration test is designed to actually exploit weaknesses in the system architecture or computing environment. Where a vulnerability scan can be automated, a penetration test requires various levels of tester expertise. A simple way to remember is that a technician runs a vulnerability scan while a hacker performs a penetration test.  Ideally, vulnerability scans should be run continuously while penetration tests occur once a year. Together penetration testing and vulnerability scanning are powerful tools used to monitor and improve information security programs.