Vulnerability Assessment

Vulnerability assessments define, identify, classify, and prioritize flaws and vulnerabilities in applications, devices, and networks that can expose organizations, their products, services, code, and applications, to attack.

Security vulnerabilities allow malicious actors to exploit an organization’s applications and systems, so it is essential to identify and respond to them before attackers can exploit them. Comprehensive vulnerability assessments, combined with a risk management strategy, are a critical part of an organization’s security management.

A vulnerability assessment provides vital insight to understand the risks to an organization’s computing environment. The organization can then respond to vulnerabilities based on their priority level.

An effective assessment process involves determining the risk that different vulnerabilities pose to an organization. Typically, this process involves using automated tools such as security scanners. Vulnerability assessment reports should record the results produced by these testing and scanning tools.

In this Vulnerability Assessment course, the following tools were used:

• Rapid7 InsightAppSec

• Rapid7 InsightVM

• Acunetix Scanner

Vulnerability assessment processes typically include the following phases:

1. Testing. Vulnerability testing requires a comprehensive list of known vulnerabilities. The security team examines server, application, and system security to identify whether any vulnerabilities are present and checks that they don’t expose your codebase, your system, and your organization to new risks.

2. Analysis. Security analysts identify the source of each vulnerability by scanning the organization’s system components to detect the creation of anomalies or flaws within the codebase.

3. Risk assessment. This involves prioritizing vulnerabilities. You determine the risk level of each vulnerability according to how it could or does impact your system, your data, and business functions. There are many vulnerabilities that have little or no impact, while others are potentially very damaging. It’s important to assess which represent the largest and most serious threats so that you can prioritize their remediation rather than wasting time on low- or no-threat flaws.

4. Remediation. Remediating high-priority vulnerabilities involves fixing the most important potential security faults. Development, operations, and security teams collaborate to determine how they can mitigate threats and remediate vulnerabilities. This phase involves updating configurations and operations to implement vulnerability patches.