Vulnerability identification
What is a Cybersecurity Vulnerability? Vulnerabilities are weaknesses in an information system's design, implementation, operation, or management that can be exploited by a threat actor to compromise the confidentiality, integrity, or availability of that system. After exploiting a vulnerability, a threat actor can run malicious code, install malware, and even steal sensitive data.
Vulnerability identification is the process of scanning for and noting exploitable gaps in our system, network operation, and configuration. These scans help us focus on protecting the system and network by pointing out the weak parts of our system. Countless vulnerabilities exist, so we need to define a broader selection of vulnerabilities to get things started. The following are some examples of common potential vulnerabilities:
- Hardware: Susceptibility to humidity, dust, moisture, electrostatic discharge (ESD), and inadequate physical protection
- Software: Lack of testing and auditing, design flaws, missing patches, legacy, and misconfiguration
- Network: Unprotected cables, insecure network architecture, poor or missing encryption, poor segmentation, and poorly positioned network appliances
- Personnel: Poor recruiting practices, lack of security policy adherence, and poor cybersecurity awareness
- Physical site: Susceptibility to floods, fires, power outages, unauthorized entry, lack of surveillance, and lack of security guards
- Organizational: Lack of business continuity plans (BCP) and disaster recovery plans (DRP)
Vulnerability identification is a big undertaking that involves consistent internal vulnerability assessments. Vulnerability management, or assessment, is the practice of identifying, classifying, prioritizing, remediating, and mitigating system and network vulnerabilities.
These assessments are carried out in addition to the acquisition of vulnerability intelligence from numerous vulnerability identification sources, as listed here:
- CVE
- Exploit Database
- IT system audit reports
- National Vulnerability Database (NVD)
- Open Web Application Security Project (OWASP)
- Previous risk assessments
- SANS Internet Storm Center
- Security advisories
- Security requirements checklist
- System security testing
- US-CERT
- Vendor advisories (Cisco, IBM, Google, Microsoft)
- Vulnerability listings
Consider a simple example: a default or weak password is problematic whether it is used by an administrator or by a normal user, but the compromise of an administrator's account can have a far greater impact on the organization.
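The prioritizing step applied to the password example above, as an added illustration that is not part of the original post. The role weights, severity scores, host names and the `prioritize` helper are assumptions made for the example; the findings are constructed sample data.

```python
from dataclasses import dataclass

# Assumed impact multipliers per account or asset role (illustrative values).
ROLE_WEIGHT = {"administrator": 3.0, "service": 2.0, "user": 1.0}

@dataclass(frozen=True)
class Finding:
    asset: str        # host or system where the weakness was found
    weakness: str     # what was found
    category: str     # one of the categories listed above (Software, Network, ...)
    severity: float   # 0-10 base score assigned by the assessor
    role: str         # privilege of the affected account or asset
    source: str       # where the finding came from (scan, audit report, advisory)

def prioritize(findings):
    """Merge duplicate reports of one weakness, then rank by severity x role weight."""
    merged = {}
    for f in findings:
        key = (f.asset, f.weakness, f.role)
        entry = merged.setdefault(key, {"finding": f, "sources": set()})
        entry["sources"].add(f.source)
        # Keep the highest severity any source assigned to this weakness.
        if f.severity > entry["finding"].severity:
            entry["finding"] = f
    ranked = []
    for entry in merged.values():
        f = entry["finding"]
        weight = ROLE_WEIGHT.get(f.role, 1.0)  # unknown roles get the baseline weight
        ranked.append((round(f.severity * weight, 1), f, sorted(entry["sources"])))
    ranked.sort(key=lambda r: (-r[0], r[1].asset, r[1].weakness))
    return ranked

# Constructed sample findings, not real assessment data.
SAMPLE = [
    Finding("hr-laptop-07", "weak password", "Personnel", 6.0, "user", "internal scan"),
    Finding("dc-01", "weak password", "Personnel", 6.0, "administrator", "internal scan"),
    Finding("dc-01", "weak password", "Personnel", 6.5, "administrator", "IT audit report"),
    Finding("web-02", "missing patch", "Software", 7.5, "service", "vendor advisory"),
    Finding("core-sw-1", "poor segmentation", "Network", 5.0, "service", "previous risk assessment"),
]

if __name__ == "__main__":
    for score, f, sources in prioritize(SAMPLE):
        print(f"{score:5.1f}  {f.asset:<13} {f.weakness:<18} {f.role:<14} {', '.join(sources)}")
```

The same weak-password weakness lands at the top of the list for the administrator account and at the bottom for the normal user, and the two reports of the administrator finding are merged into one entry that records both sources.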