Vulnerability/Threat Assessment

Vulnerabilities/Threat Assessment must be continuous because the assets change dynamically as well as the cyber threats change unexpectedly.  In order to detect these vulnerabilities, we must continuously run automated vulnerability/threat assessments to inform organizations about the level of vulnerability from each of the assets.  Vulnerabilities are known threats that must be mitigated as we find them before these vulnerabilities become threats to the assets. Various vulnerability scanners should be utilized to automate the vulnerability scanning on a continuous basis.  Unlike zero-day attacks, we must remove these known vulnerabilities in your networks as quickly as possible.  Network, computer and application vulnerabilities must be scanned continuously.  Some of the application vulnerabilities include Spoofing identity, integrity threats, information disclosures, elevation of privileges, backdoors, buffer overflows, URL rewriting, Predictable credentials, Hidden fields, cross-site scripting, parameter tampering, cookie poisoning, session cloning & hijacking, input manipulation, direct access browsing, improper web server configuration.

Vulnerabilities typically fall into defined categories as follows, and are reported accordingly upon discovery:

Risk LevelDescription of Vulnerabilities
CriticalAllow remote access as an unprivileged user using widely known exploits requiring no tools or technical skill. Allow privileged access with publicly available tools and privileged file system access.
SevereAllow remote access as an unprivileged user using widely known exploits requiring no tools or technical skill. Allow privileged access,with publicly available tools and privileged file system access.
MajorAllow remote access as a user or remote access to file shares. Vulnerabilities in this category that grant interactive access as a user usually require a higher degree of technical skill or have known exploits that work only on select versions of operating systems.
ModerateAllow read-only access to file share or data that can usually (but not always) result in further access such as the reading of the system password file
MinorAllow a hacker to deny service to specific services on the system or to disable the entire system. Do not allow the hacker access to the system or its information.