Vulnerability Assessment

Vulnerability

In computer security, a vulnerability is a weakness which allows an attacker to reduce a system's information assurance.
Vulnerability is the intersection of three elements :

(1) A system susceptibility or flaw

(2) Attacker access to the flaw

(3) Attacker capability to exploit the flaw

To be vulnerable, an attacker must have at least one applicable tool or technique that can connect to a system weakness. In this frame, vulnerability is also known as the attack surface.

Vulnerability Assessment

A vulnerability assessment is the process of identifying, quantifying, and prioritizing (or ranking) the vulnerabilities in a system. 

The objective of a vulnerability assessment is to highlight internal vulnerabilities that can be exploited to gain access to unauthorized information. The VA action items will immediately address the security concerns and we recommend fixing the listed vulnerabilities as quick as possible 

Any updates or configuration changes to the IT Infrastructure will have an impact on the overall security. Periodic risk / vulnerability assessment exercises can be used to discover new vulnerabilities and tackle them.