What Is Vulnerability In Computer Security? Top 6 Vulnerability Scanning Tools


What Is Vulnerability In Computer Security?


In computer security, a vulnerability is a weak point in a website or other system that allows an attacker to reduce the system's information assurance. A vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness. In this frame, vulnerability is also known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. This practice generally refers to software vulnerabilities in computing systems.



Definition - What does Vulnerability mean?





Vulnerability is a cyber-security term that refers to a flaw in a system that can leave it open to attack. A vulnerability may also refer to any type of weakness in a computer system itself, in a set of procedures, or in anything that leaves information security exposed to a threat.








Techopedia explains Vulnerability




Vulnerabilities are what information security and information assurance professionals seek to reduce. Cutting down vulnerabilities provides fewer options for malicious users to gain access to secure information. Computer users and network personnel can protect computer systems from vulnerabilities by keeping software security patches up to date. These patches can remedy flaws or security holes that were found in the initial release. Computer and network personnel should also stay informed about current vulnerabilities in the software they use and seek out ways to protect against them.






Top 6 Vulnerability Scanning Tools



Though you may know and follow basic security measures on your own when installing and managing your network and websites, you'll never be able to keep up with and catch all the vulnerabilities by yourself.






Vulnerability scanners can help you automate security auditing and can play a crucial part in your IT security. They can scan your network and websites for up to thousands of different security risks, produce a prioritized list of those you should patch, describe the vulnerabilities, and give steps on how to remediate them. Some can even automate the patching process.

Though vulnerability scanners and security auditing tools can cost a fortune, there are free options as well. Some only look at specific vulnerabilities, but there are also those that offer broad IT security scanning.


1. OpenVAS


The Open Vulnerability Assessment System (OpenVAS) is a free network security scanner platform, with most components licensed under the GNU General Public License (GNU GPL).

2. Retina CS Community


Retina CS Community provides vulnerability scanning and patching for Microsoft and common third-party applications, such as Adobe and Firefox, for up to 256 IPs free. It also covers vulnerabilities within mobile devices, web applications, virtualized applications, servers, and private clouds. It looks for network vulnerabilities, configuration issues, and missing patches.

3. Microsoft Baseline Security Analyzer (MBSA)


Microsoft Baseline Security Analyzer (MBSA) can perform local or remote scans on Windows desktops and servers, identifying any missing service packs, security patches, and common security misconfigurations.

4. Nexpose Community Edition


Nexpose Community Edition can scan networks, operating systems, web applications, databases, and virtual environments. The Community Edition, however, limits you to scanning up to 32 IPs at a time. It’s also limited to one year of use, after which you must apply for a new license. They also offer a seven-day free trial of their commercial editions.

5. SecureCheq


SecureCheq can perform local scans on Windows desktops and servers, identifying various insecure advanced Windows settings as defined by CIS, ISO or COBIT standards. It concentrates on common configuration errors related to OS hardening, data protection, communication security, user account activity and audit logging. The free version, however, is limited to scanning fewer than two dozen settings, about a quarter of what the full version supports.

6. Qualys FreeScan


Qualys FreeScan provides up to 10 free scans of URLs or IPs of Internet-facing or local servers or machines. You initially access it via their web portal and then download their virtual machine software if you are running scans on your internal network.

 
