Thursday, December 22, 2011

Introduction to Vulnerability Assessment

What is Vulnerability Assessment? 

Vulnerability Assessment is the process that identifies and classifies the vulnerability in a system. The vulnerability are performed in various systems such as IT systems,nuclear power plants, water supply system,etc.

Vulnerability from the perspective of disaster management means assessing the threats from potential hazards to the population and to infrastructure.

It may be conducted in the political, social, economic or environmental fields.

The steps involved in Vulnerability Assessment:



  • Classifying capabilities and assets(resources) in a system.
  • Assigning quantifiable vaule and importance to the above resources.
  • Identifying the vulnerability in each resources.
  • Mitigating or eliminating the most serious vulnerabilities for the most valuable
  • resources
Standard risk analysis is mostly interested in exploring and examining the risks surrounding a given asset or resource (in the IT industry's case, digital information, the continued smooth operation of a program, or the unimpeded performance of an OS or network) as well as its function and design. Such assessments tend to concentrate on the direct consequences and root causes for the failure of the scrutinized object.

In contrast, vulnerability assessment is more concerned with both the adverse effects on the asset itself and on the principal and secondary consequences for the surrounding system environment. At any rate, this analysis type is mostly focused on the possibilities of mitigating such risks and improving the security capacity and performance rating of a given network or computer system in order to better manage future incidents.

The vulnerability test is performed by an automated tools(Eg: joomla vulnerability scanner). These tools identify the vulnerabilities and give tips for mitigate or patching . But these tools are limited to common and known vulnerabilities. Vulnerability assessment can be done by inside professionals (i.e. network administrators), but is usually outsourced to Managed Security Service Providers (MSSP)

1 comments:

Helen Mary said...

I know of a very good hacker that can help you with any type of hacking, either phones or computers. My husband was so smooth at hiding his infidelity so I had no proof for months, I was referred to some hacker and decided to give him a try. the result was incredible because all my cheating husband's text messages, emails, Facebook, Whatsapp, Call logs, Viber, IG and even phone conversations was wired directly to my cellphone. David helped me put a round-the-clock monitoring on him and I got concrete evidence of his escapades.. if you think your spouse is an expert at hiding his cheating adventure, you can contact him too at (davhackwizard@gmail.com) +19123301683 or Tell him Helen referred you. God bless.

Post a Comment

 
Design by Secure Hackers