Introduction to Vulnerability Assessment

A vulnerability assessment is an in-depth examination of the ability of a system or application, including its current security procedures and controls, to withstand exploitation. It detects, evaluates, and categorises security flaws in computer systems, networks, and communication channels, and it includes scanning networks for known security flaws. By spotting security gaps or vulnerabilities in the current security system before attackers can exploit them, it also helps security professionals secure the network.


Attackers use programs like Nessus, Qualys, GFI LanGuard, and OpenVAS to search for vulnerabilities. Through vulnerability scanning, an attacker can find network vulnerabilities, open ports and running services, application and service configuration issues, and application and service vulnerabilities.


A vulnerability assessment may be used to:

  • Identify weaknesses that could be exploited. 
  • Predict the effectiveness of additional security measures in protecting information resources from attack. 

INFORMATION OBTAINED

Vulnerability-scanning tools often search network segments for IP-enabled devices and enumerate systems, operating systems, and applications to find vulnerabilities arising from vendor carelessness, system or network administration tasks, or routine activities. Vulnerability-scanning software checks the computer against the Common Vulnerabilities and Exposures (CVE) index and security bulletins provided by the software vendor. Vulnerability scanners are capable of identifying the following information:
  • The OS version running on computers or devices
  • IP and Transmission Control Protocol/User Datagram Protocol (TCP/UDP) ports that are listening
  • Applications installed on computers
  • Accounts with weak passwords
  • Files and folders with weak permissions
  • Default services and applications that might have to be uninstalled
  • Errors in the security and configuration of common applications
  • Computers exposed to known or publicly reported vulnerabilities
  • EOL/EOS software information
  • Missing patches and hotfixes
  • Weak network configuration and misconfigured or risky ports
  • Information that helps verify the inventory of all devices on the network

SCORING SYSTEMS AND DATABASES

Security analysts use vulnerability databases and vulnerability scoring systems to assess information system vulnerabilities and produce a composite score that represents the overall risk and severity of the vulnerabilities that have been found. Information on the different vulnerabilities that exist in information systems is gathered and kept up to date by vulnerability databases.

Common Vulnerability Scoring System (CVSS)

CVSS provides an open framework for communicating the characteristics and impacts of IT vulnerabilities. Prioritising vulnerability mitigation actions and determining the severity of vulnerabilities found on a system are two frequent uses of CVSS. The CVSS calculator ranks the security vulnerabilities and provides the user with information on the overall severity and risk related to the vulnerability.  

Common Vulnerabilities and Exposures (CVE)

A publicly available and free-to-use list or dictionary of standardized identifiers for common software vulnerabilities and exposures. 

National Vulnerability Database (NVD)

A U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). These data enable the automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.

Common Weakness Enumeration (CWE)

A category system for software vulnerabilities and weaknesses. It has over 600 categories of weakness, which enables the community to use CWE effectively as a baseline for weakness identification, mitigation, and prevention efforts.

VULNERABILITY RESEARCH

Vulnerability research is the process of analyzing protocols, services, and configurations to discover the vulnerabilities and design flaws that will expose an operating system and its applications to exploit, attack, or misuse. Vulnerabilities are classified based on severity level (low, medium, or high) and exploit range (local or remote).

An administrator needs vulnerability research:
  • To gather information about security trends, newly discovered threats, attack surfaces, attack vectors and techniques. 
  • To find weaknesses in the OS and applications and alert the network administrator before a network attack.
  • To understand information that helps prevent security problems. 
  • To know how to recover from a network attack. 

RESOURCES

  • Microsoft Vulnerability Research
  • Dark Reading
  • SecurityTracker
  • Trend Micro
  • Security Magazine
  • PenTest Magazine
  • SC Magazine
  • Exploit Database
  • Security Focus
  • Help Net Security
  • HackerStorm
  • ComputerWorld
  • WindowsSecurity
  • D'Crypt
