Section 22.209 Vulnerability Management & Identifying Vulnerabilities Flashcards

Objective 4.3 Explain various activities associated with vulnerability management

1
Q

Vulnerability Management

A

Systematic process for identifying, evaluating, prioritising, and mitigating vulnerabilities

Goals:

Maintain secure and resilient cybersecurity posture, minimize security breaches, and manage risk effectively

2
Q

Identifying Vulnerabilities

A

Systematic practice of recognising and categorising weaknesses in systems, networks, or applications that could be exploited

● This process is crucial for enhancing system security, preventing unauthorised access, and protecting the integrity of an organization's data and systems

3
Q

Methods for Identifying Vulnerabilities

Vulnerability Scanning

A

Automated probing of systems, networks, and applications to discover potential vulnerabilities

● Tools like Nessus and OpenVAS are used to analyse the current state of systems against a database of known vulnerabilities and output a detailed report

● Prioritise identified vulnerabilities, apply patches, and implement mitigation measures to prevent exploitation

4
Q

Methods for Identifying Vulnerabilities

Application Security

A

Protecting software from manipulation during its lifecycle

● Techniques include static analysis, dynamic analysis, and package monitoring for custom software applications

5
Q

Methods for Identifying Vulnerabilities: Application Security

Static Analysis

A

Examines the source code without execution to identify vulnerabilities

Manual review
Automated tools

6
Q

Methods for Identifying Vulnerabilities: Application Security

Dynamic Analysis

A

Evaluates applications in real-time to detect vulnerabilities

OWASP ZAP
Burp Suite
Peach Fuzzer

7
Q

Methods for Identifying Vulnerabilities: Application Security

Package Monitoring

A

Ensures that the libraries and components the application depends on are secure and up to date

Snyk
Dependabot

8
Q

Methods for Identifying Vulnerabilities

Penetration Testing

A

Simulates real-world attacks on systems to evaluate their security

● Examining penetration test results to understand how systems were infiltrated or exploited

● Mitigate identified issues to prevent similar attack vectors from being used by attackers

9
Q

Methods for Identifying Vulnerabilities

System and Process Audits

A

Comprehensive reviews of information systems, security policies, and procedures

● Ensures adherence to security best practices and industry standards

10
Q

The Four-Step Process for Identifying Vulnerabilities

Testing

A

Evaluate patches and updates in a controlled environment before deploying them across the entire enterprise network

● Verify that solutions to mitigate vulnerabilities do not introduce new issues

11
Q

The Four-Step Process for Identifying Vulnerabilities

Planning

A

Establish policies, procedures, and mechanisms to systematically track and evaluate vulnerabilities

● Determine how vulnerability testing will be conducted and fixes deployed

12
Q

The Four-Step Process for Identifying Vulnerabilities

Implementation

A

Deploy patches and updates across devices and applications

● Applies to small and large networks to mitigate identified vulnerabilities

13
Q

The Four-Step Process for Identifying Vulnerabilities

Auditing

A

Ensure that security patches and configuration changes have been implemented effectively

● Verify that no issues have arisen after the implementation of changes
