What is a vulnerability vs an exploit?
There’s a simple way to remember what is a vulnerability vs an exploit. A vulnerability is a weak spot in an IT system or program. An exploit is the act of using that vulnerability to enter or compromise software or IT networks. You can’t have an exploit without a vulnerability but you CAN (and often do) have vulnerabilities that have never been exploited. These are called zero day vulnerabilities if and when they are exploited for the first time.
The weakness is the vulnerability vs an exploit, which is the act of using that weakness. Here’s a few examples of vulnerabilities:
- Weak passwords
- Software that hasn’t been patched or updated
- A weakness in a program or software code
- Human reactions to phishing attacks
Some vulnerabilities are well-known while others are discovered only after someone has exploited them. At Intrust, we work to help companies minimize their vulnerabilities with a combination of endpoint protection, system monitoring, event response and cyber security training for your entire team.