Vulnerability assessment is the process of scanning a network for known security weaknesses. Vulnerability scanners are software tools that automate these scans across an entire network, which may run into hundreds or even thousands of machines. According to EC-Council (2018), vulnerability scanners can help identify the following types of weaknesses:
· the OS version running on computers or devices
· IP and Transmission Control Protocol/User Datagram Protocol (TCP/UDP) ports that are listening
· applications installed on computers
· accounts with weak passwords
· files and folders with weak permissions
· default services and applications that might have to be uninstalled
· mistakes in the security configuration of common applications
· computers exposed to known or publicly reported vulnerabilities
Additionally, vulnerability scanners can be used to help predict the effectiveness of countermeasures (security controls) and to test the effectiveness of those controls in the production network. Vulnerability scanners also have limitations, primarily that they are only as effective as their supporting databases and/or plug-ins at a given point in time. Large, automated vulnerability scanning suites also require maintenance, tuning, and frequent updates to be able to detect new vulnerabilities. Finally, scanning engines are prone to both false positives and false negatives. That is where you, as the cybersecurity professional, will apply your deep knowledge of the environment, network, and applications in use.
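The limitations above can be seen in a small model of version-based matching. This is an added example, not taken from the original text or from EC-Council: the product name `exampled`, the `EXAMPLE-000x` identifiers, the hosts and the dates are all constructed, and the `backported` field stands in for the analyst's knowledge of fixes applied without a version change.

```python
from dataclasses import dataclass
from datetime import date

@dataclass(frozen=True)
class Signature:
    sig_id: str        # constructed placeholder, not a real advisory id
    product: str
    fixed_in: tuple    # first version that is no longer vulnerable
    published: date    # date the signature entered the scanner's feed

@dataclass(frozen=True)
class Host:
    name: str
    product: str
    banner_version: tuple                 # version the service reports
    backported: frozenset = frozenset()   # fixes applied without a version bump

# Constructed feed and inventory (all names and ids are made up).
FEED = [
    Signature("EXAMPLE-0001", "exampled", (2, 4, 0), date(2023, 1, 10)),
    Signature("EXAMPLE-0002", "exampled", (2, 5, 0), date(2023, 6, 1)),
]
HOSTS = [
    Host("web01", "exampled", (2, 3, 9)),
    Host("web02", "exampled", (2, 3, 9), frozenset({"EXAMPLE-0001"})),
    Host("web03", "exampled", (2, 4, 2)),
]
STALE_DB, CURRENT_DB = date(2023, 3, 1), date(2023, 7, 1)

def scan(hosts, feed, db_date):
    """Findings from banner versions, using only signatures known on db_date."""
    known = [s for s in feed if s.published <= db_date]
    return {(h.name, s.sig_id) for h in hosts for s in known
            if h.product == s.product and h.banner_version < s.fixed_in}

def ground_truth(hosts, feed):
    """Real exposure: every signature considered, backported fixes honoured."""
    return {(h.name, s.sig_id) for h in hosts for s in feed
            if h.product == s.product and h.banner_version < s.fixed_in
            and s.sig_id not in h.backported}

def triage(hosts, feed, db_date):
    """Compare what the scanner reports with what is actually exposed."""
    reported, actual = scan(hosts, feed, db_date), ground_truth(hosts, feed)
    return {"false_positives": sorted(reported - actual),
            "false_negatives": sorted(actual - reported)}

if __name__ == "__main__":
    for db in (STALE_DB, CURRENT_DB):
        print(db, triage(HOSTS, FEED, db))
```

Updating the database removes the false negatives, but the false positive on `web02` remains until someone who knows the host confirms the fix is already in place.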