Vulnerability assessment is a process that defines, identifies, and classifies the security holes (vulnerabilities) in a computer, network, or communications infrastructure. In addition, vulnerability analysis can forecast the effectiveness of proposed countermeasures and evaluate their actual effectiveness after they are put into use. Conducting vulnerability assessments helps organizations identify vulnerabilities in their software and supporting infrastructure before a compromise can take place.
A vulnerability assessment provides invaluable information and evidence to assist management in identifying those areas in IT security that require improvement and reconfiguration. A vulnerability assessment actively scans and probes for vulnerabilities, but does not exploit the ones it identifies. A vulnerability assessment consists of several steps:
- Defining and classifying network or system resources
- Assigning relative levels of importance to the resources
- Identifying potential threats to each resource
- Developing a strategy to deal with the most serious potential problems first
- Defining and implementing ways to minimize the consequences if an attack occurs