Recognize the Importance of Vulnerability Management

Importance of Vulnerability Assessment
Student’s Name
Institutional Affiliation
Importance of Vulnerability Assessment
The use of system applications in organizations has increased in the past few decades. Consequently, attacks on these systems has also increased as well. Therefore, system security has emerged as a big challenge for organizations due to the increasing attacks. There are a number of approaches that can be used to mitigate various security risks, they include use of Firewalls, defensive coding and system audits. Vulnerability assessment is the widely used approach in the assessment of system security. Vulnerability assessment and vulnerability scanning are often used interchangeably. They appear to be similar but they are a bit different and complimentary to each other.
According to the US National Institute of Standards and technology (NIST) a vulnerability is “a weakness in an information system, system security procedures, internal controls, or implementation that could be exploited by a threat source.” Therefore, a vulnerability assessment is the process of establishing, defining, classifying and prioritizing vulnerabilities in systems and infrastructures providing the organization with risk knowledge to understand the threats to its system and come up with appropriate measures. On the other hand vulnerability scanning is an automated process conducted to identify any vulnerabilities that a system might possess to help in securing the network. In general, a vulnerability assessment cannot be complete without a vulnerability scan and a vulnerability scan cannot be initiated without an assessment plan. A vulnerability assessment enables the organization to have insights into security weaknesses or flaws within its systems and how risks associated with those flaws can be assessed. Vulnerability assessments are conducted to discover the various types of system securities implying that the process involves a number of tools, scanners and methodologies in order to identify the vulnerabilities.
It is common for systems to have vulnerabilities for a long time before they are identified. In this case, the organization may think that the system is open. However, to address these vulnerabilities, the organization must know about them. Therefore, that is why it is important to do vulnerability assessments on a regular basis to ensure the systems are patched because new ones are constantly being discovered as time goes by. To identify the vulnerabilities, it is important to assess threat vectors of the system. Threat vectors are the paths that can be used to gain unauthorized access to a system. It might be through an email wireless networks or browsers that an attacker might use to gain access to a system.
There are many ways that attackers can use to gain access to a system, therefore, it is important for the organization to ensure that it is covering all bases against threat vectors. Some are vulnerable to attack than others but it all depends on the organization’s systems. Assessing threat vectors during a vulnerability assessment process enables the organization to establish the kind of vulnerabilities that the system might be exposed to. Therefore, threat vectors enables the organization to identify more vulnerabilities the system might be exposed to.
During vulnerability assessment, there are a number of vulnerabilities that should be assessed to establish risks that a system is exposed to. They include:
* Back door- this is an access pathway which is unprotected by the implemented security systems. Back door pathways may be legitimate actions such as software updates and servicing the devices. However, the problem with this pathway, it can be used by attackers to gain unauthorized access to a system. Additionally, back door can be implemented as an independent service or application that provides unmonitored pathways to secure systems. Trojan Horse is an example of an application which allows attackers to have the abilities of controlling systems and gain access remotely to the data of the organization. Back door vulnerabilities can also exist in form of hardware devices. Some system devices have ports that can be used to connect to systems.
* Buffer Overflow- this can happen when a system lacks proper limitations put in place to monitor the amount and type of data can be inputted into a system. It can lead to a number of problems such as freezing unrestricted access, freezing and many more.
* Software exploitations- attackers tend to exploit available vulnerabilities within a software of system itself. These type of vulnerabilities may be as a result of mistakes in program code which can cause various problems with security of the system. These mistakes can be discovered by attackers and exploit them to gain unauthorized access to a protected system.
From the above details, it is evident that there is no system that is 100% secure. There are a number of threat vectors that attackers can try to gain access to a system. The same way it is easier to gain access to hotels than bunkers, it is also easier for attackers to identify vulnerabilities in systems that has a ...