what is Vulnerability Assessment ?
Published On 28th May 2019
VULNERABILITY ASSESSMENT is a process to evaluate the security risks in the software system in order to reduce the probability of a threat. It is also called Vulnerability Testing.
A vulnerability is any mistakes or weakness in the system security procedures, design, implementation or any internal control that may result in the violation of the system's security policy. The purpose of Vulnerability Assessment is to reduce the possibility for intruders (hackers) to get unauthorized access. Vulnerability Analysis depends upon two mechanisms namely Vulnerability Assessment and Penetration Testing(VAPT).
How does a vulnerability assessment work?
There are three primary objectives of a vulnerability assessment.
1. Identify vulnerabilities ranging from critical design flaws to simple misconfigurations.
2. Document the vulnerabilities so that developers can easily identify and reproduce the findings.
3. Create guidance to assist developers with remediating the identified vulnerabilities.
Vulnerability testing can take various forms. One method is Dynamic Application Security Testing (DAST). A dynamic analysis testing technique that involves executing an application (most commonly a Web application), DAST is performed specifically to identify security defects by providing inputs or other failure conditions to find defects in real time. Conversely, Static Application Security Testing (SAST) is the analysis of an application’s source code or object code in order to identify vulnerabilities without running the program.
The two methodologies approach applications very differently. They are most effective at different phases of the software development life cycle (SDLC) and find different types of vulnerabilities. For example, SAST detects critical vulnerabilities such as cross-site scripting (XSS) and SQL injection earlier in the SDLC. DAST, on the other hand, uses an outside-in penetration testing approach to identify security vulnerabilities while Web applications are running.
Another method of vulnerability assessment in and of itself, penetration testing entails goal-oriented security testing. Emphasizing an adversarial approach (simulating an attacker’s methods), penetration testing pursues one or more specific objectives .
Why Vulnerability Assessments are Important.
Vulnerability assessments allow security teams to apply a consistent, comprehensive, and clear approach to identifying and resolving security threats and risks. This has several benefits to an organization:
• Early and consistent identification of threats and weaknesses in IT security
• Remediation actions to close any gaps and protect sensitive systems and information
• Meet cybersecurity compliance and regulatory needs for areas like HIPAA and PCI DSS
• Protect against data breaches and other unauthorized access
When you’re choosing a vulnerability scanning tool, emphasize the following areas:
• Frequency of updates
• Quality and quantity of vulnerabilities, including minimizing false positives and false negatives. Elimination of false positives
• Actionability of results
Integrations with other vulnerability management and IT security tools (patch management, SIEM, etc.)
vulnerability assessments should always provide clear, actionable information on all identified threats, and the corrective actions that will be needed. This allows risk managers to prioritize fixes against the overall cyber risk profile of the organization. A good vulnerability assessment approach can significantly reduce your exposure to cyber threats, and boost your baseline of protection across your organization’s systems and data
Advantages of Vulnerability Assessment
• Open Source tools are available.
• Identifies almost all vulnerabilities
• Automated for Scanning.
• Easy to run on a regular basis.
Disadvantages of Vulnerability Assessment
• High false positive rate
• Can easily detect by Intrusion Detection System Firewall.
• Often fail to notice the latest vulnerabilities.
• Inactive Testing, a tester introduces new test data and analyzes the results.
• During the testing process, the testers create a mental model of the process, and it will grow further during the interaction with the software under test.
• While doing the test, the tester will actively involve in the process of finding out the new test cases and new ideas. That's why it is called Active Testing.
• Passive testing, monitoring the result of running software under test without introducing new test cases or data
• Network Testing
• Network Testing is the process of measuring and recording the current state of network operation over a period of time.
• Testing is mainly done for predicting the network operating under load or to find out the problems created by new services.
We need to Test the following Network Characteristics:-
• Utilization levels
• Number of Users
• Application Utilization
• Distributed Tests are applied for testing distributed applications, which means, the applications that are working with multiple clients simultaneously. Basically, testing a distributed application means testing its client and server parts separately, but by using a distributed testing method, we can test them all together.
• The test parts will interact with each other during the Test Run. This makes them synchronized in an appropriate manner. Synchronization is one of the most crucial points in distributed testing.
In Software Engineering, Vulnerability Testing depends upon two mechanisms namely Vulnerability Assessment and Penetration Testing. Both these tests differ from each other in strength and tasks that they perform. However, to achieve a comprehensive report on Vulnerability Testing, the combination of both procedures is recommended.
Incident response plan...