vulnerability scanner

A vulnerability assessment is employed to quantify a system's risk posture on the basis of the system's IT exposure. Risk is defined as a function of threats, vulnerabilities, and asset value. An example of a risk is a disgruntled employee attempting to gain unauthorized access to the system. An example of a vulnerability is a system that does not require authentication for system access via the Internet. Assets with high value might be defined as systems with sensitive information, such as social security numbers.

The main steps in conducting a vulnerability assessment are gathering the requirements, defining the scope, identifying roles and responsibilities, developing the test plan, executing the testing, and documenting the results.

The first step is gathering the requirements. A Statement of Work is an agreement between the two parties that defines the work involved, the scope of work, the parties involved, and the time and dates of execution. The vulnerability assessment team reviews the Statement of Work and gathers additional requirements from the client. Additional requirements could include details such as specifying the types of testing that are not in scope (e.g. Denial of Service) or defining reporting requirements.

Defining the scope is the next step. The client can provide a systems inventory and the locations of the sites that will be tested during the vulnerability assessment. Additionally, the client will clarify which system components will be tested (e.g. databases, web applications). The types of vulnerability scanning tools will also be defined. This will include tools such as Nessus and STAT.

The roles and responsibilities are also defined. This includes roles such as who will execute the vulnerability scans, who will monitor the testing, and who to notify if denial of service conditions are detected. The stakeholders' contact information is exchanged so that communication can be facilitated during the testing.

The test plan defines the testing in more granular form. The test plan specifies what configurations are applied to the vulnerability scanners, what IP addresses are scanned, how the testing is conducted, and procedures for halting the testing.

Executing the testing includes arriving at the testing sites, plugging in to the network, and executing the vulnerability scans. The vulnerability scanner can produce hundreds of pages of data.

Documenting the results is the final stage. The vulnerability report generated by the vulnerability assessment tool is reviewed by the assessment team for false positives. This phase is completed with the system administrators, who help the assessment team gather the information required to identify false positives. For instance, a vulnerability scanner may report Linux vulnerabilities on a Windows system; this may be identified as a false positive. The final results are compiled into a report. The report contains an executive summary of the major vulnerabilities found, the risk levels associated with the vulnerabilities, and mitigation recommendations.
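One way to carry out the false-positive review and risk rating described above, as an added example rather than code from the original article or any scanner vendor: the scoped host inventory is cross-checked against each finding's target platform (the Linux-on-Windows case), unscoped hosts are flagged for review, and confirmed findings are rated by combining scanner severity with asset value. The inventory, findings and finding titles are constructed for illustration.

```python
"""Triage constructed vulnerability-scanner findings against a scoped host inventory."""
from collections import Counter

# Constructed host inventory, as a client would supply it during scoping.
INVENTORY = {
    "10.0.0.5": {"hostname": "db01", "os": "windows", "tier": "sensitive"},
    "10.0.0.7": {"hostname": "web01", "os": "linux", "tier": "public"},
}

# Constructed scanner output; titles are hypothetical, not real plugin names.
FINDINGS = [
    {"ip": "10.0.0.5", "title": "Linux kernel privilege escalation",
     "platforms": {"linux"}, "severity": "high"},
    {"ip": "10.0.0.5", "title": "SMB signing not required",
     "platforms": {"windows"}, "severity": "medium"},
    {"ip": "10.0.0.5", "title": "Unauthenticated remote administration interface",
     "platforms": {"any"}, "severity": "high"},
    {"ip": "10.0.0.7", "title": "Outdated OpenSSH version",
     "platforms": {"linux"}, "severity": "high"},
    {"ip": "10.0.0.9", "title": "Anonymous FTP enabled",
     "platforms": {"any"}, "severity": "medium"},
]


def triage(findings, inventory):
    """Split findings into (confirmed, suspects); suspects go to the admins for review."""
    confirmed, suspects = [], []
    for f in findings:
        host = inventory.get(f["ip"])
        if host is None:
            suspects.append((f, "host not in scoped inventory"))
        elif "any" not in f["platforms"] and host["os"] not in f["platforms"]:
            suspects.append((f, f"finding targets {sorted(f['platforms'])}, host runs {host['os']}"))
        else:
            confirmed.append(f)
    return confirmed, suspects


def risk_level(finding, inventory):
    """Risk = severity combined with asset value: high severity on a sensitive asset is critical."""
    if finding["severity"] == "high" and inventory[finding["ip"]]["tier"] == "sensitive":
        return "critical"
    return finding["severity"]


def summary(findings, inventory):
    """Executive-summary counts: confirmed findings by risk level plus the review backlog."""
    confirmed, suspects = triage(findings, inventory)
    return {"by_risk": dict(Counter(risk_level(f, inventory) for f in confirmed)),
            "suspects": len(suspects)}


if __name__ == "__main__":
    print(summary(FINDINGS, INVENTORY))
```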