vulnerability analysis

Vulnerability analysis, also known as vulnerability assessment, is a process that defines, identifies, and classifies the security holes (vulnerabilities) in a computer, network, or communications infrastructure. In addition, vulnerability analysis can forecast the effectiveness of proposed countermeasures and evaluate their actual effectiveness after they are put into use.

Vulnerability analysis consists of several steps:

• Defining and classifying network or system resources
• Assigning relative levels of importance to the resources
• Identifying potential threats to each resource
• Developing a strategy to deal with the most serious potential problems first
• Defining and implementing ways to minimize the consequences if an attack occurs.

If security holes are found as a result of vulnerability analysis, a vulnerability disclosure may be required. The person or organization that discovers the vulnerability, or a responsible industry body such as the Computer Emergency Readiness Team (CERT), may make the disclosure. If the vulnerability is not classified as a high level threat, the vendor may be given a certain amount of time to fix the problem before the vulnerability is disclosed publicly.

The third stage of vulnerability analysis (identifying potential threats) is sometimes performed by a white hat using ethical hacking techniques. Using this method to assess vulnerabilities, security experts deliberately probe a network or system to discover its weaknesses. This process provides guidelines for the development of countermeasures to prevent a genuine attack.

Learn more about Security vulnerability management

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

More resources from around the web: - Primatech, Inc. describes the technical aspects of industrial cyber security vulnerability analysis. - Diana Kelley explains how to use vulnerability management data effectively. - Writing.com has published an article entitled 'The Dark Side of White Hat Hacking.' - This SearchSecurity.com tip looks at vulnerability analysis service providers. - Mike Chapple explains how to protect your applications from file format vulnerabilities. - Mike Rothman discusses how to measure security risks, threats and vulnerabilities.

FILE EXTENSION AND FILE FORMAT LIST File Extension and File Format List: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

RELATED CONTENT How to choose full disk encryption for laptop security, compliance Full disk encryption is becoming a priority for laptop security in midmarket companies because of regulatory compliance and fear of data breaches. How to create a bit-image copy of a live server Part of your incident response plan should include the creation of a bit image copy of a live server. Free and open source tools are available to... Get more out of your security event log data Your network has plenty to say about your organization's threat posture. These three tips will help you get the most out of security log management...

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary network scanning  (SearchMidmarketSecurity.com) port scan  (SearchMidmarketSecurity.com)