vulnerability analysis

Vulnerability analysis, also known as vulnerability assessment, is a process that defines, identifies, and classifies the security holes (vulnerabilities) in a computer, network, or communications infrastructure. In addition, vulnerability analysis can forecast the effectiveness of proposed countermeasures and evaluate their actual effectiveness after they are put into use.

Vulnerability analysis consists of several steps:

• Defining and classifying network or system resources
• Assigning relative levels of importance to the resources
• Identifying potential threats to each resource
• Developing a strategy to deal with the most serious potential problems first
• Defining and implementing ways to minimize the consequences if an attack occurs.

If security holes are found as a result of vulnerability analysis, a vulnerability disclosure may be required. The person or organization that discovers the vulnerability, or a responsible industry body such as the Computer Emergency Readiness Team (CERT), may make the disclosure. If the vulnerability is not classified as a high level threat, the vendor may be given a certain amount of time to fix the problem before the vulnerability is disclosed publicly.

The third stage of vulnerability analysis (identifying potential threats) is sometimes performed by a white hat using ethical hacking techniques. Using this method to assess vulnerabilities, security experts deliberately probe a network or system to discover its weaknesses. This process provides guidelines for the development of countermeasures to prevent a genuine attack.

Learn more about Security vulnerability management

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

More resources from around the web: - Primatech, Inc. describes the technical aspects of industrial cyber security vulnerability analysis. - Diana Kelley explains how to use vulnerability management data effectively. - Writing.com has published an article entitled 'The Dark Side of White Hat Hacking.' - This SearchSecurity.com tip looks at vulnerability analysis service providers. - Mike Chapple explains how to protect your applications from file format vulnerabilities. - Mike Rothman discusses how to measure security risks, threats and vulnerabilities.

FILE EXTENSION AND FILE FORMAT LIST File Extension and File Format List: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

RELATED CONTENT How to choose online data backup services for data protection SaaS-based data backup cuts costs and management overhead, but you're not outsourcing your security responsibilities. How to choose full disk encryption for laptop security, compliance Full disk encryption is becoming a priority for laptop security in midmarket companies because of regulatory compliance and fear of data breaches. How to create a bit-image copy of a live server Part of your incident response plan should include the creation of a bit image copy of a live server. Free and open source tools are available to...

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary network scanning  (SearchMidmarketSecurity.com) port scan  (SearchMidmarketSecurity.com)