Importance Of Vulnerability Assessment

1. Introduction

Vulnerabilities are the means through which an attacker can gain access by exploiting the threat. In other words, a network or system compromise may occur through a security flaw found in a system. Vulnerability Assessment (VA) and Penetration Testing (PT) are two different ways to analyze flaws, and they come with different results. Vulnerability assessment is a process of searching for security flaws in a system in order to apply a fix or patch and prevent system compromise. It is the process of ranking or prioritizing, quantifying and identifying the vulnerabilities in a system. Penetration testing, or security testing, by contrast, is used for testing a network, web application or computer system to find vulnerabilities that an attacker can exploit…
» System inappropriately placed in infrastructure/environment

5. Best Practices to Counteract Security Issues

Along with vulnerability assessment, policies and procedures should be developed and implemented, and organizations should strictly follow the rules of behavior outlined in the guidelines. Without guidelines and policies in place there is no way to make sure that the process will be administered systematically, or that it will be carried out at all. As with any job, having the proper tools and techniques is important in getting complete and accurate results. When performing a vulnerability assessment it is necessary, and extremely helpful, to use similar kinds of tools to those that potential attackers may use. In this way it is possible to follow the same techniques and methodologies that will be deployed when the company's systems and networks are being attacked. By executing uniform procedures, making a solid policy, and using the proper techniques and tools, there will be no end to the potential reward that a good vulnerability assessment process brings to any company. Some best practices organizations should work…
Conduct Assessment

This phase consists of two main objectives: planning and performing the vulnerability assessment. The planning component includes gathering all relevant information, defining the scope of activities, defining roles and responsibilities, and making others aware through the change management process. The method for performing the VA includes interviewing system administrators, reviewing the appropriate policies and procedures relating to the systems being assessed and, of course, the security scanning.

7.2. Identify Exposures

This phase can include an assortment of tasks, for example reviewing the resulting data from the assessment phase and tying it into the issue management process, so that accountability for the issues is established and the exposures can be resolved. The data can also be stored and reviewed, allowing for enterprise-wide risk analysis and trending.

7.3. Address Exposures

This phase tries to resolve the exposures identified in the previous phase. Before any steps are taken to fix the problem, an investigation must be conducted to determine whether the service that caused the exposure is in fact needed. If the service is needed, then the system should be upgraded or, if no upgrade exists, management must be informed of the potential risk that system presents. If the services are not needed then it could simply be