Vulnerability Assessment: Types and Methodology

Vulnerability assessment identifies and evaluates security issues in digital systems and infrastructures that can potentially pave the way for cyber attacks. It is performed on both internal and external systems, though this post focuses only on external vulnerability assessment, a critical part of the external attack surface management (EASM) process, which aims to detect and tackle vulnerabilities before attackers can exploit them.

Vulnerability assessment usually involves scanning a target system for security weaknesses, misconfigurations, and vulnerabilities, such as those listed on MITRE’s Common Weakness Enumeration (CWE) and Common Vulnerabilities and Exposures (CVE) lists.

Table of Contents

• Common Types of Vulnerability Assessment
• Vulnerability Assessment Methodology

Common Types of Vulnerability Assessment

Vulnerability assessments are categorized based on the target system or infrastructure component being tested. For external-facing mission-critical targets, such as networks, web applications, application programming interfaces (APIs), and cloud integrations, assessments can be holistically performed by most EASM platforms. We’ll discuss some of the most common types of vulnerability assessment in greater detail below.

• Network-based assessment: This type of vulnerability assessment focuses on identifying open ports, outdated software, and other weak points in network devices and infrastructures, including Internet-facing firewalls and DNS configurations.

• Web application vulnerability assessment: This assessment aims to detect vulnerabilities in websites and web applications that can give way to common web application attacks, including denial-of-service (DoS) and brute-force attacks. These attacks can allow threat actors access to financial data, login credentials, and other sensitive information.

• API-based vulnerability assessment: As an intermediary between different applications, APIs are usually exploited to access sensitive data or launch further attacks. A vulnerability assessment on APIs aims to detect weaknesses, such as authorization issues, excessive data exposure, insufficient logging and monitoring, and other security misconfigurations.

• Cloud-based vulnerability assessment: This type of assessment focuses on detecting inconsistencies and misconfigurations in cloud environments that can give attackers access to sensitive data and critical systems. It scans for vulnerabilities in cloud infrastructures and applications, including web and mobile applications deployed in the cloud.

Vulnerability Assessment Methodology

All types of vulnerability assessment roughly follow the same procedure that begins with asset discovery. Below are the five phases of vulnerability assessment.

1. Asset discovery and evaluation: As a first step, you need to create an updated catalog of all your assets and determine which ones are critical to your operations. Part of this step is looking at the assets the way attackers would and assessing which ones they would find most attractive.
2. Vulnerability scanning: The most critical and attractive assets are scanned for security issues using various tools that glean data from vulnerability databases, threat intelligence feeds, and other cyber intelligence sources.
3. Vulnerability analysis: The discovered vulnerabilities are then examined deeper. At this step, security teams analyze the source of a vulnerability, which systems and data are at risk, what other assets are affected, and the severity of a potential cyber attack. The vulnerabilities are ranked based on this analysis.
4. Remediation: After vulnerabilities are ranked based on perceived risk, security teams can allocate resources to address them. The depth and variety of remediation efforts, which may include applying software patches, changing system settings to more secure configurations, or implementing new security measures, depend on the specific vulnerabilities found.
5. Continuous monitoring: Like most security processes, vulnerability assessment is not a one-time undertaking. Organizations need to monitor and assess their digital infrastructures continuously to detect new assets and emerging security issues.

—

Vulnerability assessment is among the most important cybersecurity processes to help ward off cyber attacks, especially since more than 220,000 CVEs and CWEs affect widely used software, applications, and systems today.

Learn how Attaxion can help you stay ahead of attackers with a comprehensive vulnerability assessment methodology.  Start your free trial now.

Interested to Learn More?

• Active and Passive Vulnerability Scanning: What Is the Difference?
• Penetration Testing versus Vulnerability Scanning: How Do They Differ?