方法对比

并排查看您选择的方法；存在差异的行会高亮显示。

	渗透测试方法论 ×	漏洞评估 ×
领域	密码学	密码学
方法族	Process / pipeline	Process / pipeline
起源年份≠	2008	2002
提出者≠	National Institute of Standards and Technology (NIST), OWASP	National Institute of Standards and Technology (NIST)
类型≠	Authorized security exploit and assessment	Vulnerability identification and prioritization
开创性文献≠	National Institute of Standards and Technology (2008). Penetration Testing and Security Testing. NIST Special Publication 800-115. link ↗	National Institute of Standards and Technology (2012). Guide for Conducting Security Patch Management Activities. NIST Special Publication 800-40 Revision 3. link ↗
别名	Pen Testing, Ethical Hacking, Security Testing	Vulnerability Scanning, Security Assessment, Risk Assessment
相关	3	3
摘要≠	Penetration testing is an authorized, controlled simulated attack on systems, networks, and applications to evaluate their security defenses. Unlike vulnerability assessment (which identifies weaknesses), penetration testing actively exploits vulnerabilities to demonstrate real-world impact, confirm exploitability, and assess an organization's incident response capabilities.	Vulnerability assessment is a systematic process of identifying, quantifying, and prioritizing security weaknesses in systems, networks, and applications. Using automated scanning tools and manual techniques, organizations discover unpatched software, misconfigurations, weak cryptographic practices, and other exposures that attackers could exploit.
ScholarGate数据集 ↗	v1 3 来源 PUBLISHED	v1 3 来源 PUBLISHED

前往搜索 → 下载幻灯片