1) Determining who owns what websites,

2) What servers host which websites.

3) What virtual IP’s load balance to which internal webserver hosts.

4) Which different outsourced entities have ownership over different websites and IP ranges.

5) Getting a listing of your total internet facing IP ranges.

6) Determining which websites and IP ranges are hosted by your company, and which are 3rd party.

7) Determining which websites process any PCI or PII data.

Those of us responsible for managing Vulnerability scanning and penetration testing often seem to get the same question over and over… What is the difference between a vulnerability scan and a penetration test?

You would think that this is not a difficult topic to grasp, but some folks really do struggle to remember the difference. I’ll lay it out here in the most simple way I know how..

• Scan = Look for holes and issues on a network or website. Usually with some type of scanning tool.
• Penetration Test = Exploit and Hack holes that you have found on a network. And see how far you can get. A penetration test often starts with a scan, but is not limited to just the scanning.

Some good scanning tools are..

McAfee Vulnerability Manager (used to be called Foundstone)

QualysGuard

Nessus

Many companies offer penetration testing services.  I’ve only had experience with a few, so my only advice is to make sure your contracts are well written and that you are careful when working with a small company.