What is a Vulnerability Assessment
A vulnerability assessment, conducted in connection with a threat assessment by an information technology security specialist, seeks to define, identify and categorize vulnerabilities within infrastructure, architecture and technology systems (Vulnerability Assessment – Tech Target) in order to protect assets and address security concerns.
Once these vulnerabilities are identified, the potential impact to the business of the loss of data in the event of a cyber attack is measured. Assets within these systems are then given a quantifiable value associated with their importance to the company as a whole (Risk Analysis – WBDG).
Definition in Action
After identifying the vulnerabilities and understanding the impact to the business should an attack occur, the vulnerability assessment then focuses on remediation of the security holes that were found. By understanding where the vulnerabilities lie within your organization, you can take proactive steps to prevent a security breach or make sure you are prepared should an attack ever occur.