Is the Stoik External Scan a penetration test?

No, the Stoik External Scan is not a penetration test. Here's the difference between the Stoik External Scan and a penetration test.

External Scan

  • Objective: To continuously map and monitor the exposure surface of a computer system.

  • Method: Automated and continuous. It identifies open ports, exposed services, and known vulnerabilities (CVEs) on assets visible from the internet.

  • Impact on the computer system: Non-intrusive; it does not attempt to exploit vulnerabilities. It is also unobtrusive; it does not disrupt existing systems.

Penetration Test

  • Objective: To produce a detailed report with attack scenarios and advanced recommendations

  • Method: Performed manually (or semi-automated) by cybersecurity experts, it is generally done on an ad-hoc basis (e.g., 1 to 2 times per year). The penetration test simulates real attacks to exploit vulnerabilities and test the resilience of your systems.

  • Impact on the IT system: Deeper, more intrusive.

If you would like to perform a penetration test on your IT system, Stoïk can recommend trusted partners. Contact us at [email protected]

PreviousWhat is the External Scan?NextHow to configure the Stoïk External Scan?

Last updated

Was this helpful?