Vulnerability Mapping

Vulnerability Mapping

is a process of identifying and analyzing the critical security

flaws in the target environment. This terminology is also sometimes known as

vulnerability assessment

program through which the security controls of an IT infrastructure can be analyzed

against known and unknown vulnerabilities. Once the operations of information

gathering, discovery, and enumeration have been completed, it is time to investigate

the vulnerabilities that may exist in the target infrastructure which could lead

. It is one of the key areas of the vulnerability management

to a compromise of the target and violation of the confidentiality, integrity, and

availability of a business system.

 we will be discussing two common types of vulnerabilities,

presenting various standards for the classification of vulnerabilities, and explaining

some of the well-known vulnerability assessment tools provided under the

BackTrack operating system. The overall discussion of this chapter constitutes:

•

The concept of two generic types of vulnerabilities—local and remote.

•

to classify any vulnerability according to its unifying commonality pattern.

The vulnerability taxonomy pointing to industry standards that can be used

•

A number of security tools that can assist in finding and analyzing the

security vulnerabilities present in a target environment. The tools presented

are categorized according to their basic function in a security assessment

process. These include OpenVAS, Cisco, Fuzzing, SMB, SNMP, and web

application analysis tools.

Posted in: