What is vulnerability assessment

A vulnerability assessment is a systematic review of security weaknesses in an information system. It evaluates whether the system is susceptible to any known vulnerabilities, assigns severity levels to those vulnerabilities, and recommends remediation or mitigation where needed.
Examples of threats that can be prevented by vulnerability assessment include:
There are several types of vulnerability assessments. These include:
Vulnerability assessment: Security scanning process

The security scanning process consists of four steps: testing, analysis, assessment and remediation.

1. Vulnerability identification (testing)

The objective of this step is to draft a comprehensive list of an application's vulnerabilities. Security analysts test the security health of applications, servers or other systems by scanning them with automated tools, or by testing and evaluating them manually. Analysts also rely on vulnerability databases, vendor vulnerability announcements, asset management systems and threat intelligence feeds to identify security weaknesses.

2. Vulnerability analysis

The objective of this step is to identify the source and root cause of the vulnerabilities found in step one. It involves identifying the system components responsible for each vulnerability and the root cause of the vulnerability. For example, the root cause of a vulnerability could be an old version of an open source library. This provides a clear path for remediation: upgrading the library.

3. Risk assessment

The objective of this step is to prioritize vulnerabilities. Security analysts assign a rank or severity score to each vulnerability, based on factors such as:
4. Remediation

The objective of this step is to close the security gaps. It is typically a joint effort by security staff and the development and operations teams, who determine the most effective path for remediation or mitigation of each vulnerability. Specific remediation steps might include:
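The four-step process above, as an added worked example (this is not Imperva's code or any product's API): a small Python pipeline that matches a software inventory against an advisory feed (step 1), names the responsible component, its root cause and the fix (step 2), ranks findings by CVSS weighted by exposure and asset criticality (step 3), and emits an ordered remediation plan (step 4). The inventory, asset context and scoring weights are constructed for illustration; the three advisory entries are real public CVEs transcribed by hand, with their affected ranges simplified to a single release branch.

```python
"""Miniature vulnerability assessment pipeline (added example, not from the page)."""
import re
from dataclasses import dataclass

# --- Constructed sample data ------------------------------------------------
# Advisory feed: three well-known public CVEs transcribed by hand. "fixed" is the
# first unaffected release, so the affected range is [introduced, fixed).
# Ranges are simplified to one branch (e.g. log4j really starts at 2.0-beta9).
ADVISORIES = [
    {"id": "CVE-2021-44228", "package": "log4j-core",
     "introduced": "2.0", "fixed": "2.15.0", "cvss": 10.0},
    {"id": "CVE-2014-0160", "package": "openssl",
     "introduced": "1.0.1", "fixed": "1.0.1g", "cvss": 7.5},
    {"id": "CVE-2017-5638", "package": "struts2-core",   # 2.5.x branch only
     "introduced": "2.5", "fixed": "2.5.10.1", "cvss": 10.0},
]
# Installed components per asset, as an SBOM or asset management system reports them.
INVENTORY = {
    "web-01": [("log4j-core", "2.14.1"), ("openssl", "1.0.1g")],
    "intranet-app": [("struts2-core", "2.5.10"), ("openssl", "1.0.1f")],
}
# Asset context for the risk assessment step (hypothetical values).
ASSETS = {
    "web-01": {"internet_facing": True, "criticality": "high"},
    "intranet-app": {"internet_facing": False, "criticality": "medium"},
}
# Weights applied to the CVSS base score (hypothetical policy).
EXPOSURE = {True: 1.0, False: 0.6}
CRITICALITY = {"high": 1.0, "medium": 0.7, "low": 0.4}


def version_key(version):
    """Comparable key for dotted versions with optional letter suffixes
    ('2.14.1', '1.0.1f'); a shorter prefix sorts before a longer one."""
    return tuple((int(m.group(1)), m.group(2))
                 for m in re.finditer(r"(\d+)([a-z]*)", version))


def is_affected(version, advisory):
    """True when version lies in [introduced, fixed); the fixed release itself is clean."""
    key = version_key(version)
    return version_key(advisory["introduced"]) <= key < version_key(advisory["fixed"])


@dataclass
class Finding:
    asset: str
    package: str
    version: str
    advisory: dict
    score: float = 0.0


def identify(inventory, advisories):
    """Step 1: match every installed component against the advisory feed."""
    return [Finding(asset, name, version, adv)
            for asset, components in inventory.items()
            for name, version in components
            for adv in advisories
            if adv["package"] == name and is_affected(version, adv)]


def analyze(finding):
    """Step 2: name the responsible component, its root cause and the fix."""
    adv = finding.advisory
    return {"component": f"{finding.package} {finding.version} on {finding.asset}",
            "root_cause": f"outdated release affected by {adv['id']}",
            "remediation": f"upgrade {finding.package} to {adv['fixed']} or later"}


def severity(cvss):
    """CVSS v3 qualitative rating bands."""
    if cvss >= 9.0:
        return "critical"
    if cvss >= 7.0:
        return "high"
    return "medium" if cvss >= 4.0 else "low"


def assess(findings, assets):
    """Step 3: rank findings by CVSS weighted by exposure and asset criticality,
    so the same CVE scores lower on an internal, less critical host."""
    for f in findings:
        ctx = assets[f.asset]
        f.score = round(f.advisory["cvss"] * EXPOSURE[ctx["internet_facing"]]
                        * CRITICALITY[ctx["criticality"]], 2)
    return sorted(findings, key=lambda f: f.score, reverse=True)


def remediation_plan(findings):
    """Step 4: ordered work list for the security, development and operations teams."""
    return [{"asset": f.asset, "advisory": f.advisory["id"],
             "severity": severity(f.advisory["cvss"]), "priority": f.score,
             "action": analyze(f)["remediation"]} for f in findings]


def run_assessment(inventory=INVENTORY, advisories=ADVISORIES, assets=ASSETS):
    """Run all four steps and return the prioritized remediation plan."""
    return remediation_plan(assess(identify(inventory, advisories), assets))


if __name__ == "__main__":
    for item in run_assessment():
        print(item)
```

Two details worth noticing: the range check treats the fixed release as exclusive, so the already-patched OpenSSL 1.0.1g on web-01 produces no finding, and the prioritization in step 3 pushes a CVSS 10.0 Struts flaw on an internal, medium-criticality host well below the same-scored Log4Shell on the internet-facing server, which is the whole point of ranking rather than reporting raw CVSS.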
Vulnerability assessment cannot be a one-off activity. To be effective, organizations must operationalize this process and repeat it at regular intervals. It is also critical to foster cooperation between security, operations and development teams, a practice known as DevSecOps.

Vulnerability assessment tools

Vulnerability assessment tools are designed to automatically scan for new and existing threats that can target your application. Types of tools include:
It is a best practice to schedule regular, automated scans of all critical IT systems. The results of these scans should feed into the organization's ongoing vulnerability assessment process.

Vulnerability assessment and WAF

Imperva's web application firewall helps protect against application vulnerabilities in several ways:
What are the components of the security triple?

The most effective means of determining security adequacy is to consider all three elements of risk: threat, vulnerability and consequence.
What is the primary objective of the readiness and review domain of the maintenance model?

The primary goal of the readiness and review domain is to keep the information security program functioning as designed and to keep it continuously improving over time.
Which organization is a center of Internet security expertise located at the Software Engineering Institute?

The CERT® Coordination Center (CERT/CC, the Computer Emergency Response Team Coordination Center) is a center of Internet security expertise. It is located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University.
What is a detailed examination of the events that occurred from first detection to final recovery?

The after-action review is a detailed examination of the events that occurred from first detection to final recovery. All team members review their actions during the incident and identify areas where the IR plan worked, didn't work, or should improve.