Interpreting the results and remediation. After the vulnerability assessment has taken place it is time to interpret the results of the scan. This is where the organization finds out what the vulnerabilities of its network are. The vulnerabilities found during the assessment must be categorized and prioritized; most vulnerability scanners produce reports that list the findings and rate their severity, and those ratings are the raw input for the prioritization and threat modeling covered in the next section (categorizing scanner output is not itself threat modeling). Once the results are analyzed the next step is to remediate the vulnerabilities. Like any other update, remediation should be scheduled through change management, which is a very important part of an organization's IT …
Once the scans are complete and the current vulnerabilities are patched, implement a regular scanning schedule and rescan to confirm that each fix actually closed the finding. Once per month is an acceptable baseline frequency for scanning the network for new vulnerabilities; internet-facing or critical systems, and newly disclosed flaws that are being actively exploited, justify scanning sooner. Vulnerability assessment is a continuous cycle, because new vulnerabilities are discovered every day, so organizations must keep up with them if they want to remain secure. Figure 1 illustrates the continuous cycle of vulnerability assessment.
Modeling and Determining Threats Threat modeling is a structured way to categorize threats so that the ones with the most potential to damage a network are addressed first. An example of a threat model commonly used to rate threats is DREAD; the acronym stands for Damage, Reproducibility, Exploitability, Affected users, and Discoverability. Each category is scored from 0 to 10, with 0 meaning no risk and 10 the most serious, and the overall DREAD rating is the average of the five scores. (OWASP, n.d.) An approach such as this helps an organization determine the importance and priority of threats on its network, with the caveat that the scores are subjective and two analysts can rate the same threat very differently; Microsoft, where DREAD originated, later stopped recommending it for that reason. Another commonly used threat model is STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege), as seen in Table 2. STRIDE classifies what kind of threat something is, while DREAD rates how serious it is, so the two are often used together. The following sections walk through the entire process of threat modeling.
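The scoring just described, carried through in code. This is an added example and not code from the page or from OWASP: the threats, their scores, and the High/Medium/Low bands are constructed for illustration (the bands are an assumed convention, not part of DREAD), and each threat is also tagged with its STRIDE category so the two models are used together as described.

```python
"""DREAD scoring and STRIDE classification of a small threat list.

Added example; not code from the page or from OWASP. The threats and
their scores are constructed for illustration, and the High / Medium /
Low bands are an assumed convention, not part of DREAD itself. The DREAD
rating is the average of the five 0-10 category scores.
"""
from dataclasses import dataclass

# STRIDE classifies what kind of threat something is.
STRIDE = {
    "S": "Spoofing",
    "T": "Tampering",
    "R": "Repudiation",
    "I": "Information disclosure",
    "D": "Denial of service",
    "E": "Elevation of privilege",
}

DREAD_FIELDS = ("damage", "reproducibility", "exploitability",
                "affected_users", "discoverability")


@dataclass(frozen=True)
class Threat:
    name: str
    stride: str          # one-letter STRIDE category
    damage: int          # each DREAD score is an integer from 0 to 10
    reproducibility: int
    exploitability: int
    affected_users: int
    discoverability: int

    def __post_init__(self):
        if self.stride not in STRIDE:
            raise ValueError(f"unknown STRIDE category {self.stride!r}")
        for f in DREAD_FIELDS:
            v = getattr(self, f)
            if not 0 <= v <= 10:
                raise ValueError(f"{f} must be 0-10, got {v}")

    def dread(self) -> float:
        """DREAD rating: mean of the five category scores (OWASP)."""
        return sum(getattr(self, f) for f in DREAD_FIELDS) / len(DREAD_FIELDS)


def risk_band(score: float) -> str:
    """Assumed bands for turning a rating into a priority label."""
    if score >= 7.0:
        return "High"
    if score >= 4.0:
        return "Medium"
    return "Low"


def rank_threats(threats):
    """(name, STRIDE name, rating, band) tuples, most serious first.
    Ties on rating are broken alphabetically so the order is deterministic."""
    ordered = sorted(threats, key=lambda t: (-t.dread(), t.name))
    return [(t.name, STRIDE[t.stride], round(t.dread(), 1), risk_band(t.dread()))
            for t in ordered]


def by_stride(threats):
    """Count threats per STRIDE category; an empty category is a gap worth reviewing."""
    counts = {name: 0 for name in STRIDE.values()}
    for t in threats:
        counts[STRIDE[t.stride]] += 1
    return counts


# Constructed threats for a hypothetical customer portal (illustrative only).
THREATS = [
    Threat("SQL injection in login form", "T", 8, 9, 8, 9, 9),
    Threat("Unauthenticated admin API", "E", 10, 10, 7, 10, 4),
    Threat("Session token in URL", "S", 7, 8, 6, 8, 7),
    Threat("Verbose stack traces on error page", "I", 3, 10, 9, 5, 9),
    Threat("No audit log for data exports", "R", 4, 5, 3, 2, 2),
]

if __name__ == "__main__":
    for name, cat, rating, band in rank_threats(THREATS):
        print(f"{rating:4.1f} {band:6} {cat:24} {name}")
    print(by_stride(THREATS))
```

Note that two of the constructed threats tie at 7.2 even though one is a session-handling flaw and the other an information leak; that is the subjectivity caveat in practice, and the by_stride count (no Denial of service entry here) is a cheap way to spot categories the model has not considered at all.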
Identifying Assets To model threats, the organization first needs to identify its assets. The assets will typically be critical
Companies should adopt a control that requires routine vulnerability assessment of their customer-facing web sites, network infrastructure, and associated systems (such as database systems). Vulnerability assessment helps identify potential weaknesses in systems and also gives the organization's IT department feedback on its current operational policy and security posture. The cost of performing a routine vulnerability assessment is considerably less than that of an actual data breach.
* Identify risks, threats, and vulnerabilities in the 7 domains of a typical IT infrastructure
3.1.6 Vulnerability testing: conducting vulnerability tests lets the organization see whether the system can be penetrated and where its weak areas are. Finding vulnerabilities this way gives the organization time to fix the problem before an attacker finds it.
Results of this quarter’s external network vulnerability scans are in her inbox; a quick look at the report tells her that numerous risks are flagged as “critical vulnerabilities”.
My next recommendation is in regards to your threat modeling process document describing each step of your process. I want to start by saying you did an excellent job describing each step and how it is to be performed, which was lacking in some of the threat models I have read. However, in your document you might want to look at making some format changes. My first recommendation is to change the document to be double spaced. This provides a little more distance between each line in the paper, making it easier to read, and helps ensure the paper meets the required APA format. My second recommendation is to add numbers for each of the steps. This helps make the paper easier to read and provides the reader with a quick reference of what step number they are on. Below is an example of what I
Identify the threat. Note if it is legitimate (the threat could come true) or contrived (the person is the one making the
Attackers attack a network by identifying a weak point in it and exploiting that weakness, creating a network threat. There are four primary classes of threat: unstructured threats, structured threats, external threats and internal
Assess the risk to our client's information when threats are exploited. Cyber Armor's goal in assessing risk is to analyze the vulnerabilities, identify actions to mitigate each risk, and implement and apply countermeasures that reduce the risk factors.
Threat: a category of objects, persons, or other entities that presents a danger to an asset
The entire security testing process is performed so that security flaws and software vulnerabilities can be revealed. There have been many system security breaches lately, such as Home Depot and the Apple Pay competitor CurrentC, which has prompted companies to look more seriously at tools and techniques they can use to better identify and analyze potential threats and vulnerabilities. The main objective of security testing is to determine how vulnerable the systems are and whether the data and resources on those systems are protected against potential intruders. The chart below outlines several common tools that can be used to identify and analyze potential threats and vulnerabilities.
A threat agent is the specific instance or component of a threat that represents a danger to an organization's assets, while a threat is an object, person, or other entity that represents a constant danger.
Having vulnerabilities is never a good thing, and it is important to take care of the biggest issues first; the other issues can be taken care of afterwards. These ten vulnerabilities are the major ones that were found, and they pose the biggest risk to the business, so they need to be fixed first.
Attack trees are visual representations of the ways an asset can be attacked. The root of the tree is the attacker's goal, and each branch is a sub-goal or step that contributes to it; branches can be combined as alternatives (any one of them suffices) or as steps that must all succeed. Because each leaf can be annotated with an estimated likelihood or cost, the branch model lets the likelihood of the different paths to the goal be compared, and the cheapest path for the attacker identified.
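A small attack tree evaluated the way the paragraph describes. This is an added example and not code from the page: the goal, the steps, and every probability and cost value are constructed for a hypothetical "read the customer database" scenario, and the calculation assumes the steps are independent (P(OR) = 1 - prod(1 - p_i), P(AND) = prod(p_i)), which is the usual simplification when leaf estimates are rough.

```python
"""Attack tree evaluation: an added example, not code from the page.

Leaves carry an estimated probability that the step succeeds and an
estimated attacker cost; all values below are constructed for a
hypothetical "read the customer database" goal. An OR node succeeds if
any child does, an AND node only if all children do. Treating children
as independent (an assumption), P(OR) = 1 - prod(1 - p_i) and
P(AND) = prod(p_i); the cheapest path sums costs under AND and takes the
minimum over OR alternatives.
"""
from dataclasses import dataclass, field
from math import prod


@dataclass
class Node:
    name: str
    kind: str = "leaf"            # "leaf", "or" or "and"
    prob: float = 0.0             # leaves only: P(step succeeds)
    cost: int = 0                 # leaves only: attacker effort, assumed units
    children: list = field(default_factory=list)

    def __post_init__(self):
        if self.kind not in ("leaf", "or", "and"):
            raise ValueError(f"bad node kind {self.kind!r}")
        if self.kind == "leaf" and not 0.0 <= self.prob <= 1.0:
            raise ValueError("leaf probability must be in [0, 1]")
        if self.kind != "leaf" and not self.children:
            raise ValueError("interior node needs children")


def success_probability(node: Node) -> float:
    """Probability that the attacker reaches this node's goal."""
    if node.kind == "leaf":
        return node.prob
    ps = [success_probability(c) for c in node.children]
    if node.kind == "and":
        return prod(ps)
    return 1.0 - prod(1.0 - p for p in ps)   # "or": at least one child succeeds


def cheapest_path(node: Node):
    """(total cost, leaf names) of the least-effort way to reach the goal."""
    if node.kind == "leaf":
        return node.cost, [node.name]
    paths = [cheapest_path(c) for c in node.children]
    if node.kind == "and":
        return sum(c for c, _ in paths), [n for _, names in paths for n in names]
    return min(paths, key=lambda p: p[0])     # "or": pick the cheapest alternative


def leaf(name: str, prob: float, cost: int) -> Node:
    return Node(name, "leaf", prob, cost)


# Constructed tree; the numbers are illustrative estimates, not measurements.
TREE = Node("Read customer database", "or", children=[
    Node("Log in with stolen DBA credentials", "and", children=[
        leaf("Phish the DBA", 0.3, 200),
        leaf("VPN accepts password only (no MFA)", 0.9, 0),
    ]),
    leaf("SQL injection in web application", 0.2, 50),
    Node("Use an unattended console", "and", children=[
        leaf("Tailgate into the office", 0.1, 100),
        leaf("Find an unlocked admin console", 0.2, 50),
    ]),
])

if __name__ == "__main__":
    print(f"P(goal) = {success_probability(TREE):.3f}")
    cost, steps = cheapest_path(TREE)
    print(f"cheapest path costs {cost}: {' -> '.join(steps)}")
```

The two views disagree on purpose: the credential branch is the most likely route (0.27 against 0.2 for injection) while injection is the cheapest, which is why a tree is usually read for both before deciding which branch to cut first (here, adding MFA to the VPN collapses the most likely branch to 0.3 times whatever the second factor is worth).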
Maintaining a continual security posture is critical to staying ahead of vulnerabilities. With the number of new attacks constantly on the rise, even the most seasoned IT security staff can overlook a vulnerability. To assist your staff in reviewing the security of your infrastructure, a vulnerability assessment is a valuable tool. There are free and licensed software packages such as Nessus (a vulnerability scanner) and Metasploit (an exploitation framework) that can be loaded onto a workstation. A scanner such as Nessus runs through a library of known checks against your network equipment and servers and presents a report listing the vulnerabilities it detected, their severity, and suggested mitigation steps. Most of those detections are inferred from service versions and configuration rather than confirmed by exploitation, so a framework such as Metasploit is used afterwards, on a shortlist of findings, to validate which are actually exploitable. Such scans should be run on a monthly, or even weekly, basis by your internal staff against your critical infrastructure, with written authorization and a maintenance window, since scanning and especially exploitation attempts can disrupt production systems.
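The report-to-remediation step described here, and in the earlier "Interpreting the results and remediation" passage, worked through in code. This is an added example and not code from the page or from any scanner vendor: SAMPLE_REPORT is a constructed CSV in the generic shape most scanners can export (no real CVE identifiers are used), the SLA bands and the scan date are assumed values, and the monthly rescan interval is the cadence the text recommends. The point it adds is that per-host rows are collapsed so one fix is tracked once, ordered by severity and then by how many hosts it touches.

```python
"""Triage of a vulnerability scanner report: an added example, not from the
page and not tied to any scanner's real output format.

SAMPLE_REPORT is a constructed CSV in the shape most scanners can export
(host, port, finding name, scanner-reported score, severity label).
Findings are collapsed across hosts so one fix is tracked once, ordered by
severity and blast radius, and given a remediation due date from assumed
SLA bands; the next monthly rescan date is computed alongside.
"""
import csv
import io
from datetime import date, timedelta

# Constructed scan output for a hypothetical network; no real CVE IDs used.
SAMPLE_REPORT = """host,port,finding,score,severity
10.0.0.5,443,Outdated TLS library,9.8,Critical
10.0.0.6,443,Outdated TLS library,9.8,Critical
10.0.0.7,161,Default SNMP community string,7.5,High
10.0.0.5,21,Anonymous FTP enabled,5.3,Medium
10.0.0.8,80,Missing HTTP security headers,0.0,Info
10.0.0.6,161,Default SNMP community string,7.5,High
10.0.0.9,161,Default SNMP community string,7.5,High
"""

# Assumed remediation SLAs in days; informational findings get no deadline.
SLA_DAYS = {"Critical": 7, "High": 30, "Medium": 90, "Low": 180, "Info": None}

RESCAN_INTERVAL = timedelta(days=30)   # the monthly cadence from the text
SCAN_DATE = date(2024, 3, 1)           # constructed date of this scan


def parse_report(text: str):
    """Parse the CSV into dicts with a float score; reject unknown severities."""
    rows = []
    for row in csv.DictReader(io.StringIO(text)):
        if row["severity"] not in SLA_DAYS:
            raise ValueError(f"unknown severity {row['severity']!r} on {row['host']}")
        row["score"] = float(row["score"])
        rows.append(row)
    return rows


def triage(findings, scan_date: date):
    """Collapse per-host rows into one entry per finding, then prioritise."""
    merged = {}
    for f in findings:
        entry = merged.setdefault(f["finding"], {
            "finding": f["finding"], "severity": f["severity"],
            "score": f["score"], "hosts": set(),
        })
        entry["hosts"].add(f["host"])
        entry["score"] = max(entry["score"], f["score"])  # keep the worst rating seen
    plan = []
    for entry in merged.values():
        days = SLA_DAYS[entry["severity"]]
        entry["hosts"] = sorted(entry["hosts"])
        entry["due"] = scan_date + timedelta(days=days) if days is not None else None
        plan.append(entry)
    # Highest score first, then the finding affecting the most hosts.
    plan.sort(key=lambda e: (-e["score"], -len(e["hosts"]), e["finding"]))
    return plan


def next_scan(scan_date: date) -> date:
    return scan_date + RESCAN_INTERVAL


def overdue(plan, today: date):
    """Findings past their due date; the rescan should confirm these are fixed."""
    return [e["finding"] for e in plan if e["due"] is not None and e["due"] < today]


def example_plan():
    return triage(parse_report(SAMPLE_REPORT), SCAN_DATE)


if __name__ == "__main__":
    for e in example_plan():
        print(f"{e['severity']:8} {e['score']:4.1f} due {e['due']} "
              f"{e['finding']} ({len(e['hosts'])} hosts)")
    print("next scan:", next_scan(SCAN_DATE))
```

Collapsing by finding is what turns a seven-row report into four work items, and it is why the SNMP finding, rated lower than the TLS one, still lands second: it is one change applied to three devices. Feeding the overdue list into the next scan's review is the loop the text calls a continuous cycle.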
“Vulnerability Scanning is the art of using one computer to look for weaknesses in the security of another computer” (Houghton, 2003). Just like any other security tool or software, vulnerability scanning comes in many forms. Each of these methods serves a specific purpose in helping an organization determine the security of its networks. These forms of vulnerability scanning are called: