1. Differences in starting point: The penetration test is based on the successful intrusion of the system to prove that the system has security problems; the security test is based on discovering all possible security risks of the system.
2. Differences in perspective: Penetration testing treats and thinks about problems from the perspective of an attacker. Security testing is to think about the problem from the perspective of the defender, try to find all the hidden dangers that may be exploited by the attacker, and guide them to repair.
3. Coverage differences: The penetration test selects only a few points as the target of the test, while the security test is a complete test after analyzing the system architecture and finding out all possible attack interfaces of the system.
4. Cost difference: Safety testing needs to analyze the function of the system, the technology used by the system, and the architecture of the system. Therefore, more penetration and testing requires more time and manpower.
5. Solution differences: Penetration testing does not provide a targeted solution; security testing analyzes the cause of the problem from a developer's perspective and provides a more effective solution.