Download Free Vulnerability Assessment and Penetration Testing Plan Templates
Vulnerability Assessment - Utilizing vulnerability scanners all discovered hosts can then be tested for vulnerabilities. The result would then be analyzed to determine if there any vulnerability that could be exploited to gain access to a target host on a network. A number of tests carried out by these scanners are just banner grabbing/ obtaining version information, once these details are known, the version is compared with any common vulnerability and exploits (CVE) that have been released and reported.
Benefits of Vulnerability Assessments
- Build and broaden awareness.
- Establish or evaluate against a baseline.
- Identify vulnerabilities and develop responses.
- Categorize key assets and drive the risk management process.
- Develop and build internal skills and expertise.
A four-stage vulnerability management system should be developed. It should ensure that vulnerabilities are identified, that a decision is made as to how to react to those vulnerabilities, that there is careful testing prior to patching and that actions are tracked so that success (or otherwise) can be monitored. This system should: