Get your FREE VAPT Quote today!

Get your FREE Vulnerability Assessment (VA) and Penetration Testing (PT) Quote Today!

Pen Test Free Quote Form
Does your company require an Internal and/or External test?
Does your company require an Offsite and/or Onsite VAPT?
Have you done any of these testing on the same system before?

Common FAQs

What is the difference between an Internal and External Test?

An Internal Test means that our tester will be onsite, simulating an internal breach by someone in your office. For example, our tester will simulate a hack into your company’s servers from within your network – either over WiFi or plugged into your network.

An External Test means that our tester will try to hack into your company’s system from outside your network or anywhere in the world. For example, our tester will simulate a hack into your company’s website from a Starbucks or even from Indonesia.

What is the difference between VA and PT?

Vulnerability Assessment (VA) is an assessment that will only assess the vulnerabilities in your environment without testing for confirmation. It is basically a non-intrusive assessment. For example, when you see a GP doctor for a Knee Pain, a general assessment will be provided and the doctor will then advise you to rest, apply some cream, and monitor.

Read more about Vulnerability Assessment (VA) HERE.

Penetration Testing (PT) includes VA, but with the additional testing for confirmation. This means that the assessment will comprise of both the assessment for vulnerabilities in your environment, as well as testing to provide proof of breach. For example, after seeing a knee specialist for the bad knee, the doctor will assess it, before conducting some tests to simulate the pain in order to confirm the right prognosis, and apply the most suitable and effective follow-up treatment.

Read more about Penetration Testing (PT) HERE.

What is the deliverable of the tests?

2 reports will be provided for both VA and PT – one after each round of testing.

What is the process for testing?

There will be 2 rounds of testing.

1st Round of Testing – by eVantage Technology

Based on the Client’s requirements, the 1st test will be conducted. A report, which includes the current vulnerabilities, proof of breaches (where available), and recommendation to address the risks found, will be provided to the Client.

Rectification Work – by Client

The Client is then tasked to follow the recommendations provided in the report to secure its environment before a 2nd test will be conducted.

2nd Round of Testing – by eVantage Technology

After the rectification done by the Client, a 2nd test will then be conducted to ensure the environment has been successfully secured. After the 2nd test, a second report, which includes the current vulnerabilities, proof of breaches (if any), and recommendation to address the risks found (if any), will be provided to the Client.

However, do take note that there should not be any vulnerabilities found in the 2nd test if the client chooses to follow the recommendations provided in the first report and effectively secures its environment.

How long will the entire process take on average?

The length and duration of the entire VAPT process will depend on the scope of test and the time required by the Client for rectification work.

Hence, it is important for the Client to provide us with a rough projected timeline when filling in the form above, in order to minimize any potential delays in entire process.


If you have any other questions, feel free to click the green button below to contact us today!


eVantage Technology is a professional and trusted IT solutions provider, dedicated to providing exceptional service to companies in Singapore and across Asia.