Announcement

Collapse
No announcement yet.

Vulnerability Assessment Methodology

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Vulnerability Assessment Methodology

    The first phase of a vulnerability assessment is the Acquisition phase in where you will collect documents required to
    • Review laws and procedures related to network vulnerability assessment.
    • Identify and review documents related to network security.
    • Review the list of previously discovered vulnerabilities.


    The second phase is the Identification phase and contain following tasks
    • Conduct interviews with customers and employees involved in system architecture design and administration.
    • Gather technical information about all network components.
    • Identify different industry standards which network security complies to.


    The third phase is the Analyzing phase which is in place to follow-up on previous steps
    • Review interviews.
    • Analyze the results of previous or recent vulnerability assessments.
    • Analyze security vulnerabilities and identify risks.
    • Perform threat and risk analysis.
    • Analyze the effectiveness and usefulness of existing security controls.
    • Analyze the effectiveness of existing security policies.


    The fourth phase is the Evaluation phase
    • Determine the probability of exploitation of identified vulnerabilities.
    • Identify the gaps between existing and required security measures or mitigations.
    • Determine the controls required to mitigate the identified vulnerabilities.
    • Identify upgrades required to the network vulnerability assessment process.


    The fifth phase is where we are Generating Reports. The result of the analysis must be presented in a draft report and should be evaluated.
    This report should contain
    • Task rendered by each team member.
    • Methods used and findings.
    • General and specific recommendations.
    • Terms used and their definitions.
    • Information collected from all phases.


    All document should be stored in a central database for generating the final report.
    Certified Security Geek
    Tags: assessment, methodology, phases, vulnerability
Previous template Next
Working...
X

We process personal data about users of our site, through the use of cookies and other technologies, to deliver our services, personalize advertising, and to analyze site activity. We may share certain information about our users with our advertising and analytics partners. For additional details, refer to our Privacy Policy.

By clicking "I AGREE" below, you agree to our Privacy Policy and our personal data processing and cookie practices as described therein. You also acknowledge that this forum may be hosted outside your country and you consent to the collection, storage, and processing of your data in the country where this forum is hosted.

I Agree