Vulnerability assessment (computing)

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by 205.254.163.74 (talk) at 08:17, 20 June 2024 (Penetration Testing Approaches: Choosing the Right Strategy). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Vulnerability assessment is the process of defining, identifying and classifying the security holes in information technology systems. An attacker can exploit a vulnerability to violate the security of a system. Known classes of vulnerability include authentication, authorization and input validation vulnerabilities.[1]

Purpose

Before a system is deployed, it must first go through a series of vulnerability assessments to ensure that the built system is secure against all known security risks. When a new vulnerability is discovered, the system administrator can again perform an assessment, discover which modules are vulnerable, and start the patch process. After the fixes are in place, another assessment can be run to verify that the vulnerabilities were actually resolved. This cycle of assess, patch, and re-assess has become the standard method for many organizations to manage their security issues.

The primary purpose of the assessment is to find the vulnerabilities in the system, but the assessment report conveys to stakeholders that the system is secured from these vulnerabilities. If an intruder gained access to a network consisting of vulnerable Web servers, it is safe to assume that he gained access to those systems as well.[2] With the assessment report, the security administrator will be able to determine how the intrusion occurred, identify compromised assets and take appropriate security measures to prevent critical damage to the system.

Assessment types

Depending on the system, a vulnerability assessment can be of many types and levels.

Host assessment

A host assessment looks for system-level vulnerabilities such as insecure file permissions, application-level bugs, backdoors and Trojan horse installations. It requires specialized tools for the operating system and software packages being used, in addition to administrative access to each system that should be tested. Host assessment is often very costly in terms of time, and thus is only used in the assessment of critical systems. Tools like COPS and Tiger are popular in host assessment.
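
An added example, not part of the article and not how COPS or Tiger are implemented: one host-assessment check (insecure file permissions) run through the assess, patch, re-assess cycle described under Purpose. The finding labels, file names and temporary directory are constructed for illustration.

```python
import os
import stat
import tempfile

def assess(root):
    """Return a set of (finding, relative_path) for insecure permissions under root."""
    findings = set()
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode  # lstat: do not follow symlinks out of root
            if stat.S_ISLNK(mode):
                continue  # a symlink's own permission bits are not meaningful
            rel = os.path.relpath(path, root)
            sticky_dir = stat.S_ISDIR(mode) and bool(mode & stat.S_ISVTX)
            # World-writable is a finding unless it is a sticky directory (like /tmp).
            if mode & stat.S_IWOTH and not sticky_dir:
                findings.add(("world-writable", rel))
            if stat.S_ISREG(mode) and mode & (stat.S_ISUID | stat.S_ISGID):
                findings.add(("setuid-or-setgid", rel))
    return findings

def compare(before, after):
    """Classify findings across two assessments of the same host."""
    return {"resolved": before - after,
            "remaining": before & after,
            "new": after - before}

def demo():
    """Assess a constructed directory, apply one fix, then re-assess."""
    with tempfile.TemporaryDirectory() as root:
        conf = os.path.join(root, "app.conf")   # constructed sample files
        tool = os.path.join(root, "helper")
        for path in (conf, tool):
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
        os.chmod(conf, 0o666)    # world-writable configuration file
        os.chmod(tool, 0o4755)   # setuid bit on a regular file
        baseline = assess(root)
        os.chmod(conf, 0o640)    # the "patch" step fixes only app.conf
        return baseline, compare(baseline, assess(root))

if __name__ == "__main__":
    baseline, delta = demo()
    print("baseline:", sorted(baseline))
    for status, items in delta.items():
        print(status + ":", sorted(items))
```

The "remaining" set is what the re-assessment exists to catch: the setuid file was not touched by the fix, so it is still reported.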

Network assessment

In a network assessment, one assesses the network for known vulnerabilities. It locates all systems on a network, determines what network services are in use, and then analyzes those services for potential vulnerabilities. This process does not require any configuration changes on the systems being assessed. Unlike host assessment, network assessment requires little computational cost and effort.[3]

Penetration Testing Approaches: Choosing the Right Strategy

Penetration testing (pen testing) is a crucial security practice that simulates cyberattacks to identify vulnerabilities in your systems. But there’s not a one-size-fits-all approach. The type of pen testing you choose depends on the level of information you provide to the pen tester. Here’s a breakdown of the three main approaches:

  • Black Box Testing: Imagine a blindfolded attacker. In a black box test, the pen tester has limited to no knowledge about your systems’ internal workings. They approach the target system just like a real attacker would, using publicly available information and standard attack techniques. This method is ideal for simulating real-world attacks and uncovering weaknesses that an outsider might exploit.
  • White Box Testing: This is the opposite of black box testing. The pen tester has full access to everything, including your system’s source code, design documents, and network configurations. With this insider’s view, they can delve deeper and identify vulnerabilities that might be missed by a black box approach. This method is helpful for ensuring the security of complex custom applications.
  • Grey Box Testing: This approach finds a middle ground. The pen tester has some knowledge about your systems, but not everything. They might be familiar with the overall architecture but not the intricate details. This method offers a balance between simulating real-world attacks and leveraging internal knowledge for a more comprehensive assessment.

Vulnerability assessment vs penetration testing

Vulnerability assessment and penetration testing are two different testing methods. They are differentiated on the basis of certain specific parameters.

Vulnerability assessment vs Penetration testing[4]
| | Vulnerability Scan | Penetration Test |
|---|---|---|
| How often to run | Continuously, especially after new equipment is loaded | Once a year |
| Reports | Comprehensive baseline of what vulnerabilities exist and changes from the last report | Short and to the point, identifies what data was actually compromised |
| Metrics | Lists known software vulnerabilities that may be exploited | Discovers unknown and exploitable exposures to normal business processes |
| Performed by | In house staff, increases expertise and knowledge of normal security profile. | Independent outside service |
| Expense | Low to moderate: about $1200 / yr + staff time | High: about $10,000 per year outside consultancy |
| Value | Detective control, used to detect when equipment is compromised | Preventative control used to reduce exposures |

References

  1. "Category:Vulnerability - OWASP". www.owasp.org. Retrieved 2016-12-07.
  2. "Vulnerability Assessment" (PDF). www.scitechconnect.elsevier.com. Retrieved 2016-12-07.
  3. "VAPT - NhanceGRC". 2024-04-22. Retrieved 2024-06-20.
  4. "Penetration Testing vs. Vulnerability Scanning". www.tns.com. Retrieved 2016-12-07.