Vulnerability Assessment (VA)
A vulnerability assessment is a systematic review of security weaknesses in an information system. It evaluates if the system is susceptible to any known vulnerabilities, assigns severity levels to those vulnerabilities, and recommends remediation or mitigation, if and whenever needed.
Target
- Host assessment
- Network and wireless assessment
- Database assessment
- Application scans
Process approach
- Vulnerability identification (testing)
- Vulnerability analysis
- Risk assessment
- Remediation
- Final report