
What is Vulnerability Assessment? A Step by Step Guide

16/06/2012 Article

BG

A vulnerability assessment takes what is already known about the systems in an organisation, such as version status, configuration information and the activity that runs on them, and checks that information against known vulnerabilities.

Vulnerability assessments differ from penetration tests in that they are carried out with predefined tools. A vulnerability assessment is also a set methodology that is limited to pre-existing knowledge about the systems under review. It is important to understand how the systems interact with one another: that understanding lets you discount false positives and recognise the real risks involved. The example given by (ISC)2 is an anonymous FTP server, which is likely to be flagged as a vulnerability when in fact anonymous FTP access may be part and parcel of the system's design.

Vulnerability Assessment step by step:

  1. Gather information about the systems in use (including version numbers, configuration information, etc.)
  2. Discuss the applications, their uses and where users and system owners have seen potential security problems in the past
  3. Check each aspect of the existing systems against vulnerability databases and other sources of known vulnerabilities
  4. Gather information on the existing access controls and other protective measures
  5. Check each of these against vulnerability databases and other sources of known vulnerabilities
  6. Match the various access controls to the known system vulnerabilities
  7. And voilà: any items still on the list that are unprotected are the ones you need to fix

Using automated tools such as Nessus is common, but one preliminary step is needed for the results to have any credibility: every tool must be up to date, because each relies on a database of known vulnerabilities.

Once we have identified the unprotected vulnerabilities, we categorise them on a criticality scale such as 1 – 5 (high to low). This way the vulnerabilities can be dealt with in an appropriate order and at an appropriate speed.
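To make steps 3 to 7 and the criticality ranking concrete, here is an added example (not from the article or from (ISC)2) that matches a constructed system inventory against a constructed vulnerability list, drops items the owners confirmed are by design, credits existing access controls, and leaves the unprotected items ordered on the 1 (high) to 5 (low) scale. Every host, version, finding name and control below is made up for illustration.

```python
# Constructed inventory (step 1); hostnames and versions are made up.
INVENTORY = {
    "web01":   {"httpd": "2.4.49", "openssh": "8.4"},
    "files01": {"vsftpd": "3.0.3"},
}
# Findings the system owners confirmed are part of the design (step 2),
# like the (ISC)2 anonymous-FTP case, so they are false positives here.
BY_DESIGN = {("files01", "anonymous FTP enabled")}
# Constructed vulnerability database (step 3): (software, affected versions,
# finding, criticality 1 = high .. 5 = low). Finding names are hypothetical.
VULN_DB = [
    ("httpd",   {"2.4.49", "2.4.50"}, "HYPOTHETICAL-PATH-TRAVERSAL", 1),
    ("openssh", {"8.4"},              "HYPOTHETICAL-SSH-WEAKNESS",   3),
    ("vsftpd",  {"3.0.3"},            "anonymous FTP enabled",       2),
]
# Existing access controls mapped to the finding they cover (steps 4 to 6).
CONTROLS = {("web01", "HYPOTHETICAL-SSH-WEAKNESS"): "SSH reachable only from management VLAN"}


def assess(inventory, vuln_db, controls, by_design):
    """Match every installed package against the database and label each hit."""
    findings = []
    for host, software in inventory.items():
        for name, version in software.items():
            for db_name, affected, finding, crit in vuln_db:
                # Exact version match keeps the example short; real scanners compare ranges.
                if name != db_name or version not in affected:
                    continue
                key = (host, finding)
                if key in by_design:
                    status = "accepted: by design (false positive)"
                elif key in controls:
                    status = "mitigated: " + controls[key]
                else:
                    status = "unprotected"
                findings.append({"host": host, "finding": finding, "criticality": crit, "status": status})
    return findings


def remediation_list(findings):
    """Step 7: keep only unprotected items, ordered so criticality 1 is fixed first."""
    todo = [f for f in findings if f["status"] == "unprotected"]
    return sorted(todo, key=lambda f: (f["criticality"], f["host"]))


if __name__ == "__main__":
    for f in remediation_list(assess(INVENTORY, VULN_DB, CONTROLS, BY_DESIGN)):
        print(f"[{f['criticality']}] {f['host']}: {f['finding']}")
```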

Finally, we produce a remediation plan by advising the system and information owners and discussing the implications. It is vital that everybody agrees with this plan and that all parties adhere to its time scales.
