June 5, 2026

Mistaking Vulnerability Assessments for Penetration Tests Is Still Your Biggest Security Mistake — and AI Just Made It Worse

The confusion hasn't gone away. After years of industry education, organizations still conflate penetration testing with vulnerability scanning — and routinely overpay for the latter while believing they've done the former. But something has changed. The cost of that mistake is higher than it was two years ago, because the threat landscape has shifted in ways that make real penetration testing more important, not less — and make automated scanning look even more insufficient by comparison.

The cost of that mistake has increased. In every sector Convergent works in — media and entertainment, financial services, public sector, and healthcare — the threat landscape has shifted in ways that make real penetration testing more important than it has ever been.

The distinction, plainly stated

A vulnerability scan is automated. It checks your environment against a database of known issues: outdated software, misconfigured ports, weak cipher suites. It produces a list. It does not attempt to exploit anything. It cannot chain findings together. It cannot reason about your environment the way an adversary would.

A penetration test is conducted by a human practitioner who actively attempts to compromise your environment — combining findings, abusing logic flaws, chaining low-severity issues into critical access, testing assumptions that no scanner would think to test. The output isn't a list. It's an attack narrative: here is how a real adversary would have moved through your environment, and here is what would have stopped them — or not.

These definitions are not semantic. Regulatory frameworks treat them as categorically distinct. The NYDFS Cybersecurity Regulation (23 NYCRR 500) requires annual penetration testing and defines it explicitly as an active attempt to circumvent your controls — not a scan. NIST describes penetration testing as an effort that "attempts to duplicate the actions of adversaries." PCI DSS requires attempts to exploit vulnerabilities, not merely identify them.

What this looks like in the sectors we work in

Every industry has its own threat profile, regulatory obligations, and attack surface. The distinction between scanning and testing plays out differently in each — but the underlying risk of confusing them is the same.

Media and entertainment

The M&E supply chain has been a high-value target for years. Pre-release content is an obvious prize, but the real risk surface is broader: cloud-based post-production workflows, SaaS collaboration platforms, remote access infrastructure for distributed crews, and an increasingly porous boundary between studio systems and third-party vendors.

A vulnerability scan of a TPN-assessed facility will catch missing patches and exposed ports. It will not catch a chained attack that moves from a misconfigured cloud storage bucket through a trusted API integration and into a content management system holding pre-release assets. It will not test whether your remote collaboration platform — the one your entire post-production workflow runs through — is configured to prevent lateral movement after a credential compromise.

AI has added a new layer here. AI-assisted color grading, VFX generation, script analysis, and content localization tools are now embedded in production pipelines. These systems have not been security-assessed at the same rate they've been adopted. Prompt injection, API key exposure, and model output manipulation are real attack vectors in these environments. A scanner does not find them.

Financial services

Financial services organizations face some of the most prescriptive penetration testing requirements in any regulated sector. The GLBA Safeguards Rule — now fully in effect — mandates annual penetration testing for firms managing the personal financial data of more than 5,000 customers. NYDFS-licensed organizations face the same requirement under 23 NYCRR 500. SEC disclosure rules create additional pressure on public companies to accurately represent their security posture.

In this sector, the gap between what a scan catches and what a penetration test reveals is particularly consequential. Trading platforms, payment processing systems, and client portals contain logic vulnerabilities — authentication bypasses, privilege escalation paths, business logic flaws — that automated scanners were never designed to find. A penetration test of a client-facing application often finds ways to access account data, initiate unauthorized transactions, or elevate session privileges through a chain of individually low-severity findings.

For creditors' rights firms and legal practices serving financial clients, the AI exposure is acute. AI tools for automated client communications, AI-assisted legal research, AI-powered case prioritization and collections workflow — each introduces a new endpoint, a new integration, and a new set of authorization boundaries that have not been tested. When those boundaries are unclear or weak, a sophisticated adversary can manipulate the AI's inputs and outputs in ways that neither the model nor the scanner anticipated.

Public sector

Schools, local and state government agencies, and critical infrastructure operators face a threat landscape that has changed dramatically in the past three years. Ransomware actors who once targeted large enterprises have shifted attention to public sector organizations — not because the data is more valuable, but because the defenses are often less mature and the pressure to pay (to restore services, to protect student or citizen data) is high.

Vulnerability scanning is frequently the extent of security assessment in public sector environments, driven by budget constraints and limited internal security resources. But scanning catches neither the OT/IT convergence risks that affect utilities and public works systems, nor the authentication weaknesses that allow adversaries to pivot from a compromised school district employee's credentials to systems holding CJIS-protected law enforcement data.

FERPA and CJIS compliance are the regulatory anchors for K-12 and government organizations respectively. Neither framework specifies penetration testing as explicitly as NYDFS or GLBA — but both require "appropriate safeguards," and a court or regulator examining the aftermath of a breach will ask what active testing was performed to validate that those safeguards work. A vulnerability scan report is not a satisfying answer.

AI in public sector is arriving faster than security governance can follow: AI grading and assessment tools in schools, AI-assisted benefits determination, AI-powered law enforcement analytics, AI tools for constituent services. Each is a new attack surface. Each runs on data that is either personally identifiable or legally protected.

Healthcare

Healthcare is the most heavily targeted sector in our client base, and the one where the consequences of a breach are most immediately personal. Ransomware attacks that lock clinical systems don't just cost money — they delay care. The regulators and insurers know this, and scrutiny has increased accordingly.

HIPAA requires "reasonable and appropriate" safeguards and includes a technical safeguard requirement for testing and audit procedures. Healthcare organizations that rely on vulnerability scanning to satisfy this requirement are taking on more risk than they realize: the attack paths that lead to patient data most often run through application logic flaws, third-party integrations, and misconfigured access controls — not through unpatched CVEs.

Medical device security is a specific and growing area of concern. Network-connected infusion pumps, imaging systems, patient monitoring platforms, and clinical workflow devices represent an attack surface that a vulnerability scanner cannot meaningfully assess. Penetration testing of these environments requires practitioners who understand both the security controls and the operational constraints — who can probe for authentication weaknesses and unencrypted protocol traffic without disrupting patient care.

AI is arriving at speed in healthcare: diagnostic support systems, clinical documentation automation, AI-powered imaging analysis, AI-assisted triage. These systems often run on patient data, integrate with EHR platforms, and receive inputs from clinical staff in ways that create prompt injection and model manipulation risks that are entirely invisible to automated scanning.

Why AI makes this distinction more urgent across every sector

Regardless of vertical, AI has changed two things that matter for this conversation.

Attackers are using AI: more convincing phishing, faster identification of exploitable misconfigurations, context-aware social engineering at scale, adaptive tactics mid-engagement. A vulnerability scanner wasn't designed to find these attack paths — because they don't live in CVE databases. They live in your processes, your trust relationships, your people.

AI systems are a new attack surface that scanners weren't built to assess. Prompt injection. Model inversion. Indirect context manipulation. Data exfiltration through inference endpoints. Supply chain risk in model weights and third-party AI dependencies. Agentic AI that takes actions — sends communications, calls APIs, executes code — where a compromised or manipulated agent doesn't just leak data, it acts. None of this appears in a Nessus report.

In every sector we work in, AI adoption has outpaced security assessment. The organizations that are ahead of this have commissioned penetration testers with the right expertise to assess these systems. The ones that haven't are relying on scanners to tell them they're safe — and they're not getting the full picture.

The "AI-powered penetration test" problem

The market has responded to AI in the wrong direction for buyers. Some vendors now offer "AI-powered penetration testing" at dramatically lower price points. What they're often selling is automated exploitation of known vulnerabilities at greater speed — which is still a vulnerability scan, just faster.

The adversarial reasoning that makes penetration testing valuable — the creative chaining of findings, the social engineering component, the ability to reason about novel attack surfaces including AI systems — still requires human practitioners. Price is still a reliable signal. A penetration test that looks suspiciously cheap compared to peer quotes is almost certainly a vulnerability scan with a different label.

What a current assessment should cover

A credible assessment in the environments Convergent works in addresses the actual attack surface, which includes:

External and internal network infrastructure — the baseline for every sector, and where most organizations have unresolved gaps.

Web and API security — APIs now carry more business logic and sensitive data than traditional web applications across all four of our verticals. They are systematically underassessed.

Cloud configuration and privilege escalation — misconfigurations that scanners don't classify as critical but practitioners can chain into full account compromise. Particularly relevant in M&E and financial services cloud environments.

AI and LLM systems — prompt injection, context manipulation, inference endpoint exposure, agentic authorization boundaries. Relevant across all sectors, acute in healthcare and financial services.

OT and hardware systems — on-set and production hardware in M&E, medical devices in healthcare, industrial control systems in public infrastructure.

Physical and social engineering — the vectors most often excluded from assessments and most reliably exploited by real adversaries, particularly in sectors with high staff turnover or distributed workforces.

The report you receive should tell you not just what vulnerabilities exist, but how an adversary would have moved, what they would have reached, and what would have stopped them.

If you're not sure whether what you've been commissioning constitutes a penetration test, or whether your current program covers the environments your organization actually operates in today, Convergent can help you find out.

Convergent provides penetration testing across external and internal network infrastructure, web and API applications, cloud environments, OT and hardware, and AI and LLM attack surfaces — in media and entertainment, financial services, public sector, and healthcare.