VA vs PT: Comparing Vulnerability Assessment & Penetration Testing approaches to Cybersecurity

On May 28, 2024, cybersecurity professionals and IT leaders gathered at the AWS Office, located on the 21st floor of Arthaland Tower in Taguig City, for an insightful discussion on cybersecurity methodologies. The event, which took place from 12:00 PM to 5:00 PM, was hosted by the AWS Security Users Group and organized by Armada Innovation Labs.

The session aimed to explore the differences between Vulnerability Assessment (VA) and Penetration Testing (PT)—two fundamental cybersecurity approaches. Through expert discussions, live demonstrations, and an engaging panel, attendees gained a deeper understanding of how organizations can leverage these methodologies to strengthen their security posture.

Agenda & Key Takeaways

Opening Remarks & Introduction

The event opened with a welcome message from Kate Viloria, Solutions Architect at AWS, who introduced the speakers and set the stage for the discussions ahead. She emphasized the growing need for proactive cybersecurity measures and the importance of staying ahead of emerging threats.

Hacking Incident – Real-World Cyberattack Insights

Dean Armada, CEO & Chief Architect of Armada Innovation Labs, delivered a compelling presentation on real-world hacking incidents. He demonstrated how cybercriminals exploit vulnerabilities and showcased techniques used in cyberattacks. His session underscored the importance of early threat detection and mitigation, reinforcing the need for organizations to adopt a proactive security approach.

Vulnerability Management Demo – Proactive Cyber Defense

Following the hacking demonstration, Sheila Vasquez, Country Manager of Tenable, led a hands-on session on vulnerability management. She showcased tools and techniques used to identify, assess, and mitigate vulnerabilities before they could be exploited. Key topics included continuous monitoring, risk prioritization, and the role of automation in cybersecurity.

Networking Break, Raffle & Industry Engagement

A dedicated networking break provided attendees with the opportunity to connect with industry peers, exchange ideas, and discuss best practices in cybersecurity. This segment encouraged meaningful discussions and collaboration among professionals from different sectors.

To make the session more interactive, a raffle draw was also held, where lucky participants won exclusive prizes. This added an element of excitement and engagement, ensuring a lively atmosphere throughout the break.

Expert Panel Discussion – VA vs PT in Cybersecurity Strategy

The highlight of the event was an engaging panel discussion moderated by Dean Armada, featuring six industry experts:

• Brian Lockwood – Director of Technology, International School Manila
• Keinaz Domingo – Cybersecurity Section Head, National Grid Corporation of the Philippines
• Gercon Del Rosario – Critical Infrastructure Cybersecurity Lead, GHD
• Kate Viloria – Solutions Architect, AWS
• Sheila Vasquez – Country Manager, Tenable
• Rodel Valerio – Division Chief, ICTO Office, Office of the President

The panelists shared insights on the differences between Vulnerability Assessment and Penetration Testing, the challenges organizations face in implementing cybersecurity measures, and how emerging technologies like AI and automation are shaping the future of cybersecurity. They also provided real-world case studies demonstrating how these approaches have been successfully applied in various industries.

Q&A Session & Closing Remarks

The event concluded with an interactive Q&A session, where attendees had the chance to engage with the experts and seek advice on cybersecurity challenges. The closing remarks reinforced the importance of continuous education, collaboration, and proactive security strategies in protecting digital assets.

Event Impact & Insights

The event successfully bridged the gap between Vulnerability Assessment and Penetration Testing, helping attendees understand when and how to apply each approach effectively. Through live demonstrations, expert discussions, and hands-on learning, participants gained valuable knowledge on strengthening their cybersecurity frameworks. Additionally, the networking opportunities allowed professionals from different industries to share experiences, discuss challenges, and explore innovative solutions.

The raffle draw added excitement to the event, rewarding lucky attendees while keeping the energy levels high. This fun and interactive segment helped make the event even more engaging.

Overall, the event provided a comprehensive learning experience, equipping cybersecurity professionals with the tools and insights needed to enhance their organization’s security posture in an evolving threat landscape.