Vulnerability Assessment Penetration Testing is one of the crucial part of information audit for any organization’s IT operations it is a two-step process namely vulnerability assessment & Penetration Testing A vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures and providing the organization doing the assessment with the necessary knowledge, awareness and risk background to understand the threats to its IT Infrastructure. Penetration testing, also called pen testing or ethical hacking, is the practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit.