Vulnerability Assessment
A vulnerability assessment is done to check a computer system, network, or web application to evaluate its security. The goal of the assessment is to identify vulnerabilities that an attacker could exploit and to assess the potential impact of a successful attack. An assessment typically involves the following steps:
Information Gathering: This involves gathering information about the target system, including operating system, hardware and software components, network structure, etc. This information is used to identify potential vulnerabilities. Making a list of all softwares and their versions which are used on the network, Gathering information about the target system, network, or web application.
Authorized scanning: Identifying potential vulnerabilities using tools such as vulnerability scanners.. Scanning the systems with tools to generate a report of what is visible from the network. This is also called penetration testing. If exploits are available in the testing softwares and the configurations allow the exploit to gain access, then the scanning tool can in some cases run the exploits in an automated manner and demonstrate some kind of access. The tools can guess some of the software versions based on their behavior on the network, but for a specific analysis the actual version of the software needs to be known and verified by the administrators.
Vulnerability listing: This involves listing all known and documented vulnerabilities for each software version which is in use. Checking for missing updates, patches, misconfigured systems, and other security issues. Also listing all security design which exist in the system and its parts.
Deep Checking: This involves manually testing the target system for vulnerabilities. This can include physical access testing, social engineering attacks, and checking of all configurations to make sure they provide and deny access to all users for all services correctly.
Reporting: Documenting the results of the vulnerability test, including any vulnerabilities that were identified and mentioning the conditions in which they could cause unauthorized access. The results of the weaknesses and how to mitigate against then with the least amount of resources and changes required. The suggestions depend on the risk appetite of the target system owners and the amount of services they are willing to provide. Disaster recovery plans and damage control plans need to be suggested and made to allow the system owners to respond to any future attacks in case they occur.
Verifying the configuration : Checking the configurations of all softwares to make sure they follow the policy of the organization.
It is important to note that a vulnerability assessment is usually done with the cooperation of the system owners and administrators. Unauthorized assessments or checking of systems can be considered to be a very suspicious activity and can be illegal in many cases.