
The steps involved in vulnerability assessment:
- Classifying the capabilities and assets (resources) in a system.
- Assigning a quantifiable value and importance to those resources.
- Identifying the vulnerabilities in each resource.
- Mitigating or eliminating the most serious vulnerabilities for the most valuable resources.
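The four steps above can be sketched as a small prioritisation routine; this is an added example, not part of the original page. The 1-5 value scale, the 0-10 severity scale, the value × severity score and every asset and finding name are assumptions, and the sample data is constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Asset:
    name: str
    kind: str      # step 1: classification, e.g. "data", "service", "network"
    value: int     # step 2: assumed importance scale, 1 (low) to 5 (critical)

@dataclass(frozen=True)
class Finding:
    asset: str       # name of the affected asset
    issue: str
    severity: float  # step 3: assumed 0.0-10.0 severity, e.g. from a scanner

def prioritize(assets, findings, top=None):
    """Step 4: rank findings by asset value x severity; return (ranked, unclassified)."""
    inventory = {a.name: a for a in assets}
    ranked, unclassified = [], []
    for f in findings:
        asset = inventory.get(f.asset)
        if asset is None:
            # A finding on an asset nobody classified cannot be weighed yet.
            unclassified.append(f)
            continue
        ranked.append((asset.value * f.severity, asset, f))
    # Ties broken by asset value, then severity, so the order is deterministic.
    ranked.sort(key=lambda r: (r[0], r[1].value, r[2].severity), reverse=True)
    return (ranked[:top] if top else ranked), unclassified

# Constructed sample data, not taken from any real assessment.
ASSETS = [
    Asset("customer-db", "data", 5),
    Asset("public-cms", "service", 3),
    Asset("office-printer", "network", 1),
]
FINDINGS = [
    Finding("office-printer", "default admin password", 9.0),
    Finding("customer-db", "unencrypted backups", 6.5),
    Finding("public-cms", "outdated CMS extension", 7.5),
    Finding("test-vm-17", "open management port", 8.0),
]

if __name__ == "__main__":
    ranked, unclassified = prioritize(ASSETS, FINDINGS)
    for score, asset, f in ranked:
        print(f"{score:5.1f}  {asset.name:<15} {f.issue}")
    for f in unclassified:
        print(f"  n/a  {f.asset:<15} {f.issue} (classify asset first)")
```

With this sample data the highest-severity finding (the printer) ranks last because the asset's value is low, and the finding on the unclassified host is held back until step 1 is done for it.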
Standard risk analysis is mostly concerned with investigating the risks surrounding an asset or resource (in IT terms: digital information, the smooth operation of a program, or the unimpeded performance of an OS or network), along with its function and design. Such studies examine the direct consequences of the object's failure and try to focus on the underlying causes.
In contrast, assessing the risk to an asset is more concerned with the negative impact, both principal and secondary, on the system itself and on its surrounding environment.
The vulnerability test is performed by automated tools (e.g. a Joomla vulnerability scanner). These tools identify vulnerabilities and give tips for mitigating or patching them, but they are limited to common and known vulnerabilities. Vulnerability assessment can be done by in-house professionals (i.e. network administrators), but is usually outsourced to Managed Security Service Providers (MSSPs).