Vulnerability assessment is a periodic process that works on a system to
identify, track, and manage the repair of vulnerabilities on the system. In
effect, it performs a health check of the system. It is an essential security
process and a best practice for the well-being of the system. The assortment
of items checked in this process varies depending on the organization.
It may include all desktops, servers, routers and firewalls. Most vulnerability
assessment services will provide system administrators with:
• Network mapping and system fingerprinting of all known vulnerabilities.
• A complete vulnerability analysis and ranking of all exploitable weaknesses based on potential impact and likelihood of occurrence for all
services on each host.
• A prioritized list of misconfigurations.
At the end of the process, a final report is always produced detailing the
findings and the best way to go about overcoming such vulnerabilities. This
report consists of prioritized recommendations for mitigating or eliminating
weaknesses and, based on the organization’s operational schedule, it also contains
recommendations for further reassessments of the system at given time
intervals or on a regular basis.
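The ranking and prioritized lists described above can be sketched in code; this is an added example, not part of the original text. The 1 to 5 scales, the impact × likelihood product used as the score, and every host name and finding are assumptions constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    host: str
    service: str
    title: str
    impact: int       # assumed scale: 1 (minor) .. 5 (severe)
    likelihood: int   # assumed scale: 1 (unlikely) .. 5 (expected)
    misconfiguration: bool = False

    def __post_init__(self):
        for name in ("impact", "likelihood"):  # reject scores outside the assumed scale
            if not 1 <= getattr(self, name) <= 5:
                raise ValueError(f"{name} must be 1..5 for {self.host} {self.service}")

    @property
    def risk(self) -> int:
        return self.impact * self.likelihood  # assumed scoring model

# Constructed sample findings (hypothetical hosts, services and scores).
FINDINGS = [
    Finding("fw-edge", "ssh/22", "Password login enabled for admin account", 4, 4, True),
    Finding("web-01", "https/443", "Outdated TLS library", 5, 3),
    Finding("web-01", "ssh/22", "Default service banner exposed", 1, 2, True),
    Finding("desk-17", "smb/445", "Missing OS security update", 4, 2),
    Finding("rtr-core", "snmp/161", "Default community string", 3, 5, True),
]

def rank(findings):
    """Highest risk first; ties go to higher impact, then host and service name."""
    return sorted(findings, key=lambda f: (-f.risk, -f.impact, f.host, f.service))

def per_host(findings):
    """Ranked findings grouped by host; hosts appear in order of their worst finding."""
    groups = defaultdict(list)
    for f in rank(findings):
        groups[f.host].append(f)
    return dict(groups)

def misconfigurations(findings):
    """The prioritized misconfiguration list, as a separate view of the same ranking."""
    return [f for f in rank(findings) if f.misconfiguration]

if __name__ == "__main__":
    for host, items in per_host(FINDINGS).items():
        print(host, [(f.risk, f.service, f.title) for f in items])
```

Two findings can share a score, which is why the sort breaks ties on impact before falling back to names: the final report stays stable between reassessments and differences between runs reflect real changes.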
Because of the necessity of the practice, vulnerability assessment has
become a very popular security practice and, as a result, there has been a flurry
of software products created to meet the need. The popularity of the practice
has also led to a high level of expertise in the process, as many security
assessment businesses have sprung up. However, because of the number of such
companies, trust is an issue. It is nonetheless advisable that a system administrator
periodically employ the services of an outsider to get a more objective view.
Security assessment services usually target the perimeter and internal
systems of a private computer network, including scanning, assessment and
penetration testing, and application assessment.