Vulnerability Assessment & Penetration Testing (VAPT) by Software Technology Parks of India is a security testing methodology, where the IT systems such as computers, mobiles and networks, and software such as operating systems and application software are scanned in order to identify the presence of known and unknown vulnerabilities.
VAPT has two specific methods;
- Vulnerability Assessment (VA) is the first stage. VAPT team identifies all vulnerabilities in an application or network. While this method is great for identifying vulnerabilities, it cannot differentiate between exploitable and non-exploitable vulnerabilities. It is an examining approach which is conducted both physically and performed by specific instruments or applications.
- Penetration Testing (PT) is the second stage. Penetration Testing takes the vulnerabilities identified in the first step, identifies exploitable vulnerabilities, and attempts to exploit them. Using these two methods together in VAPT helps organizations to get a more cohesive picture of their current security vulnerabilities, how exploitable they are, and how large the impact could be on them.
What is VAPT?
VAPT is a process in which the Information & Communication Technologies (ICT) infrastructure consists of computers, networks, servers, operating systems and application software are scanned in order to identify the presence of known and unknown vulnerabilities. As many as 70% of websites have vulnerabilities that could lead to the theft of sensitive corporate data such as credit card information, product IP, customer lists etc. Hackers are concentrating their efforts on web-based applications – shopping carts, forms, login pages, dynamic content, etc.
STPI is now CERT-In empanelled and possesses vast experience in conducting VAPTs across various organization’s ICT infrastructure comprehensively and recommending the cost effective solution to fix the same. STPI is having about 50 qualified & skilled resources who are trained & certified to conduct the VAPT pan India.
STPI Service Charges
Depending on the size of the ICT infrastructure that needs to be audited, STPI will work out the services charges, which are very competitive.