A VULNERABILITY ASSESSMENT IS A THOROUGH EXAMINATION OF AN INFORMATION SYSTEM’S SECURITY FLAWS. IT DETERMINES WHETHER THE SYSTEM IS VULNERABLE TO ANY KNOWN VULNERABILITIES, ASSIGNS SEVERITY LEVELS TO THOSE VULNERABILITIES, AND, IF AND WHEN NECESSARY, OFFERS REMEDIATION OR MITIGATION.
VULNERABILITY ASSESSMENT SECURITY SCANNING PROCESS
CONSISTS OF FOUR STEPS: TESTING, ANALYSIS, ASSESSMENT AND REMEDIATION.
VULNERABILITY ASSESSMENT SECURITY SCANNING PROCESS
THREATS THAT CAN BE PREVENTED BY VULNERABILITY ASSESSMENT INCLUDE:
- SQL INJECTION, XSS AND OTHER CODE INJECTION ATTACKS.
- ESCALATION OF PRIVILEGES DUE TO FAULTY AUTHENTICATION MECHANISMS.
- INSECURE DEFAULTS – SOFTWARE THAT SHIPS WITH INSECURE SETTINGS, SUCH AS A GUESSABLE ADMIN PASSWORDS.
TYPES OF VULNERABILITY ASSESSMENTS PROVIDED BY GUARD N WATCH:
The assessment of databases or big data systems for vulnerabilities and misconfigurations, identifying rogue databases or insecure dev/test environments, and classifying sensitive data across an organization’s infrastructure.
The assessment of critical servers, which may be vulnerable to attacks if not adequately tested or not generated from a tested machine image.
The assessment of policies and practices to prevent unauthorized access to private or public networks and network-accessible resources.