A Vulnerability Assessment (VA) is the prime way to protect the IT network, device, and data. It is critical to be aware of the possible vulnerabilities and to equip the security posture to reduce threats.
VA is a procedure to detect and measure the quantity of the security vulnerabilities in an enterprise environment.
5 Simple steps of Vulnerability Assessment
Identify the software and hardware assets in the environment
Measure and understand the value of these assets
Understand the possible security vulnerabilities that can infect the organization’s assets
Identify the score level of threat and risk for each vulnerability
Reduce the possible risk vulnerabilities from the most important assets of the organization
Vulnerability Assessment: A Technical Process
Vulnerability assessments comprises of three phases
Phase 1 – Gathering Data - Organizations collect data to know what are the hardware and software involved in the network. This includes network scanning to identify hosts, port scanning to find the protocols and the services that are possibly vulnerable, A review of DNS data to identify and recognize which hosts would be targeted.
Phase 2 - Review & Enumeration – Once the gathering of data and discovery is done by the concerned assessor, a complete review and listing of the applications, Oses, protocols, ports and services helps entitles in identifying the full extent of vectors that can be attacked easily.
Phase 3 - Detection & Reporting – This is the last phase of vulnerable Assessment that enables the actual identification of vulnerabilities by implementing a detection kit like National Vulnerability Database to determine the vulnerabilities on the assets. There phase is absolute with risk and scores information. Lastly, experts are equipped with remediation tools to debug, configure and update patches on the required assets to terminate the possible risks associated with the identified vulnerabilities.
- Released: 08/27/2018
- Updated: 09/11/2018
A network assessment is the analy...
Comodo RMM delivers an effective Linux patch ...
There are many RMM tools for MSPs available in the market. Notable among them are - Comod...
Network Assessment helps you identify many...
The best RMM tool for MSP startups should include the following features: &...