wisemonkeys logo
FeedNotificationProfileManage Forms
FeedNotificationSearchSign in
wisemonkeys logo

Blogs

Vulnerability Assessment (Vulnerability Analysis)

profile
45_Amulya Yadla
Sep 14, 2023
0 Likes
0 Discussions
122 Reads

What is a vulnerability assessment?

 

- A vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications, and network infrastructures.

- Vulnerability assessments also provide an organization with the necessary knowledge, awareness and risk backgrounds to understand and react to threats to its environment.

- A vulnerability assessment process is intended to identify threats and the risks they pose. They typically involve the use of automated testing tools, such as network security scanners, whose results are listed in a vulnerability assessment report.

 

Importance of vulnerability assessments

 

- A vulnerability assessment provides an organization with details on any security weaknesses in its environment. It also provides direction on how to assess the risks associated with those weaknesses. This process offers the organization a better understanding of its assets, security flaws, and overall risk, reducing the likelihood that a cybercriminal will breach its systems and catch the business off guard.

 

 

Types of Vulnerability Assessments

 

  • Network-based scans are used to identify possible network security attacks. This type of scan can also detect vulnerable systems on wired or wireless networks.
  • Host-based scans are used to locate and identify vulnerabilities in servers, workstations or other network hosts. This type of scan usually examines ports and services that may also be visible to network-based scans. However, it offers greater visibility into scanned systems' configuration settings and patch history, even legacy systems.
  • Wireless network scans of an organization's Wi-Fi networks usually focus on points of attack in the wireless network infrastructure. In addition to identifying rogue access points a wireless network scan can also validate that a company's network is securely configured.
  • Application scans test websites to detect known software vulnerabilities and incorrect configurations in network or web applications.
  • Database scans can identify weak points in a database to prevent malicious attacks, such as SQL injection attacks.

 

 

Vulnerability Assessment Process

 

1. Goals and Objective: Define the goals and objectives of Vulnerability Analysis.

 

2. Scope: While performing the Assessment and Test, the assignment's Scope needs to be clearly defined. The following are the three possible scopes that exist, such as:

 

- Black Box Testing: It is a software testing method in which software applications' functionalities are tested without knowing the internal code structure, implementation details, and internal paths.
Black Box Testing mainly focuses on the input and output of software applications, and it is entirely based on software requirements and specifications. It is also known as Behavioral Testing.

 

- White Box Testing: White box testing is a software testing technique in which internal structure, design and coding of software are tested to verify the flow of input-output and also improve design, usability and security.
In white-box testing, code is visible to testers, so it is also called Clear box testing, Open box testing, transparent box testing, Code-based testing, and Glass box testing.

 

- Grey Box Testing: It is a software testing technique to test a software product or application with partial knowledge of its internal structure. The purpose of grey box testing is to search and identify the defects due to improper code structure or improper applications.
In this process, context-specific errors that are related to web systems are commonly identified. It increases the testing coverage by concentrating on all of the layers of any complex system

 

3. Information Gathering: Obtaining as much information about the IT environment, such as Networks, IP Address, Operating System Version, etc. It applies to all three types of Scopes, such as Black Box Testing, White Box Testing, and Grey Box Testing.

 

4. Vulnerability Detection: In this step, vulnerability scanners scan the IT environment and identify the vulnerabilities.

 

5. Information Analysis and Planning: It will analyze the identified vulnerabilities to devise a plan for penetrating the network and systems

 

How to do Vulnerability Assessment

Step 1) Setup: We need to start by determining which systems and networks will be assessed, identifying where any sensitive data resides, and which data and systems are most critical. Configure and update the tools.

 

Step 2) Test Execution: A packet is the data routed unit between an origin and the destination. When any file, such as an e-mail message, HTML file, Uniform Resource Locator (URL) request is sent from one place to another on the internet, the TCP layer of TCP/IP divides the file into several "chunks" for efficient routing. Each of these chunks will be uniquely numbered and will include the Internet address of the destination. These chunks are called packets

 

Step 3) Vulnerability Analysis: Now define and classify network or System resources and assign priority to the resources (low, medium, high). Identify potential threats to each resource and develop a strategy to deal with the most prioritized problems. Define and implement ways to minimize the consequences if an attack occurs.

 

Step 4) Remediation: The vulnerability assessment results to patch key flaws or problems, whether simply via a product update or through something more involved, from installing new security tools to an enhancement of security procedures.

 

Step 5) Repeat: Vulnerability assessments need to be conducted regularly, monthly or weekly, as any single assessment is only a report of that moment in time. These reports give a strong sense of how security posture has developed.

 

Comments ()

Sign in

Read Next

Google App Engine

Blog banner

Data Security and Data Privacy in Data Science

Blog banner

Threat management

Blog banner

MULTITHREADING:ENHANCEING PERFORMANCE AND EFFICIENCY IN COMPUTING

Blog banner

What is Spyware? and examples of them.

Blog banner

VIRTUAL MACHINE

Blog banner

How to setup a professional looking business account on Instagram?

Blog banner

Demystifying Cryptography: A Beginner's Guide

Blog banner

A Traveller’s Guide to Offbeat Places in Arcadia, Florida

Blog banner

Why is it hard to design an Operating Systems ?

Blog banner

Evolution of the Microprocessor ~ Aditya Pai

Blog banner

Multiple-Processor Scheduling in Operating System

Blog banner

Buffering

Blog banner

Internet: The Vast Ocean Of Knowledge.

Blog banner

AI and cyber Security

Blog banner

Clustering Techniques

Blog banner

Incident management in ITSM

Blog banner

The Khan mehtab transforming the modular switches

Blog banner

Data Science in Mental Health Prediction

Blog banner

K-means use cases

Blog banner

SQL Injection

Blog banner

Operating Systems Overview

Blog banner

10 Things To Do On Valentine's Day If You're Single

Blog banner

Types of Malware in Cyber Security

Blog banner

Data Mining

Blog banner

EMAIL INVESTIGATION

Blog banner

The functions of operating system

Blog banner

OS DESIGN CONSIDERATIONS FOR MULTIPROCESSOR

Blog banner

ARTICAL ON MANAGEMENT SYSTEM

Blog banner

Hypothesis Testing in Data Science

Blog banner

Deadlock

Blog banner

Logical and physical address

Blog banner

Virtual memory

Blog banner

internet email and it's applications

Blog banner

FRIENDSHIP

Blog banner

The Right way of cooking

Blog banner

What is Network Security?

Blog banner

Mental Health

Blog banner

Tea, Coffee, Red Wine, and Teeth: A Stain Survival Guide

Blog banner

Jamming Attacks in Network Security: Disrupting Communication Signals

Blog banner

Biometric Authentication and Privacy: Balancing Ethical Concerns

Blog banner

How to tie a Tie

Blog banner