A vulnerability is a weakness in internal controls that could be exploited by a threat to gain unauthorized access to information or disrupt a system. Vulnerability management is the process used to identify, diagnose, treat, and report security vulnerabilities in systems and the software running on them. It is a repetitive practice of identifying, classifying, mitigating and remediating vulnerabilities, especially in firmware and software, and is an inherent part of network and computer security. It is important for organizations to implement it alongside other security strategies so that they can prioritize potential threats and reduce their “attack surface”.
Vulnerabilities can be discovered with the help of a vulnerability scanner, which scrutinizes a computer system to look for flaws and weaknesses in it. Vulnerability is a broader notion than a single system being exposed to some threat. A vulnerable system implies that the product and the data on it are not secure, which is music to an attacker’s ears; as the number of these incidents rises, so must the way we classify the dangers they pose to businesses and consumers.
According to a SANS whitepaper, the vulnerability management process is broken down into 5 major steps:
- Preparation: This is the first step, where the scope of the vulnerability assessment is set so that the security office can prepare for the types of vulnerabilities it is going to face.
- Vulnerability scan: After the first phase, the vulnerability engineer runs various scans to list all the vulnerabilities and provides recommendations for mitigation and improvement.
- Define remediating actions: In this phase, the security officer and the IT department together analyze the vulnerabilities and the risk associated with them, and prepare the action plan for remediation.
- Implement remediating actions: The planned remediating actions should be executed within the agreed time frames. If a problem occurs with an implemented remediation, it should be recorded. Alternative actions should be defined by the asset owner based on recommendations from the security officer and the IT department.
- Rescan: Once the risk has been addressed, a rescan should be set up to confirm that the remediating actions have been implemented. This scan is performed using the same vulnerability scanning tools and the same configuration settings as the first scan. This step is very important to prevent misleading results due to configuration errors.
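The five steps above, modelled as an added example (not from the SANS whitepaper or the original text): the scope and scanner configuration are fixed in preparation, the scan covers only in-scope hosts, findings are prioritized by CVSS score into a remediation plan, failed remediations are recorded rather than dropped, and the rescan reuses the exact same configuration to verify each planned item. The scanner inventory, host names and identifiers such as VULN-0001 are constructed placeholders; the 7.0 threshold is an assumed policy value.

```python
"""Added example: a minimal model of the five-step vulnerability management cycle.
Scanner output is constructed inline; host names and VULN-* identifiers are
placeholders, not real findings."""
from dataclasses import dataclass


@dataclass(frozen=True)
class ScanConfig:
    targets: tuple   # hosts in scope (step 1, preparation, sets the scope)
    plugin_set: str  # scanner check set; the rescan (step 5) must reuse it


@dataclass
class Finding:
    vuln_id: str
    host: str
    cvss: float
    description: str


# Constructed "inventory": what a scanner would report per host.
# In a real deployment this comes from the scanner, not from a dict.
INVENTORY = {
    "web-01": [Finding("VULN-0001", "web-01", 9.8, "placeholder remote code execution"),
               Finding("VULN-0002", "web-01", 5.3, "placeholder information disclosure")],
    "db-01": [Finding("VULN-0003", "db-01", 7.5, "placeholder weak cipher suite")],
    "lab-99": [Finding("VULN-0004", "lab-99", 9.0, "placeholder, host deliberately out of scope")],
}


def prepare(targets, plugin_set="baseline") -> ScanConfig:
    """Step 1: fix the scope and scanner configuration before scanning."""
    return ScanConfig(targets=tuple(sorted(targets)), plugin_set=plugin_set)


def scan(config: ScanConfig, inventory) -> list:
    """Step 2: run the scan over the in-scope targets only."""
    return [f for host in config.targets for f in inventory.get(host, [])]


def define_remediation(findings, threshold=7.0) -> list:
    """Step 3: prioritize by CVSS (assumed policy: 7.0 and above) and order the plan, highest first."""
    plan = [f for f in findings if f.cvss >= threshold]
    return sorted(plan, key=lambda f: f.cvss, reverse=True)


def implement(plan, inventory, failed=()) -> dict:
    """Step 4: apply remediation; a failed action is recorded, never silently skipped."""
    log = {}
    for f in plan:
        if f.vuln_id in failed:
            log[f.vuln_id] = "failed: alternative action required"
            continue
        inventory[f.host] = [x for x in inventory[f.host] if x.vuln_id != f.vuln_id]
        log[f.vuln_id] = "remediated"
    return log


def rescan(config: ScanConfig, inventory, plan) -> dict:
    """Step 5: rescan with the same ScanConfig and confirm each planned item is gone."""
    remaining = {f.vuln_id for f in scan(config, inventory)}
    return {f.vuln_id: f.vuln_id not in remaining for f in plan}


def run_cycle(failed=()):
    """Run one full cycle on a copy of the inventory; returns (plan, remediation log, verification)."""
    inv = {host: list(findings) for host, findings in INVENTORY.items()}
    cfg = prepare(["web-01", "db-01"])
    plan = define_remediation(scan(cfg, inv))
    log = implement(plan, inv, failed)
    return plan, log, rescan(cfg, inv, plan)


if __name__ == "__main__":
    plan, log, verified = run_cycle(failed={"VULN-0003"})
    for f in plan:
        status = "verified fixed" if verified[f.vuln_id] else "still present"
        print(f.vuln_id, f.host, f.cvss, log[f.vuln_id], status)
```

Passing the same `ScanConfig` object to both `scan` and `rescan` is the point of the example: a rescan with a different scope or plugin set could report a finding as gone simply because it was never looked for. The out-of-scope host `lab-99` never enters the plan, and the simulated failure of VULN-0003 shows up both in the remediation log and as an unverified item after the rescan.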
With the advent of new technologies, huge numbers of mobile phones, services and networks are added to the environment every day. Each new member of the environment increases its vulnerability, as it opens the gate for attackers. So, to protect the organization from all these threats, we must perform vulnerability management so that we can adapt to changing technologies and stay ahead of attackers. Vulnerability management has innumerable benefits, especially for software and networking companies, which are more prone to attacks by hackers in the modern world. The number of vulnerabilities found in a network on an everyday basis is very high, and managers must perform vulnerability assessment on a large scale to make sure that all the problems are eradicated from the system. Thus, the vulnerability assessment process has become mandatory in organizations, and companies are hiring vulnerability management managers to look after their security systems.