Cyber Security Tutorial


Vulnerability Assessment

Introduction

Vulnerability management and vulnerability assessment are often treated as the same thing, but they are different terms: the “vulnerability management” process finds and removes vulnerabilities, while “vulnerability assessment” is one component of the vulnerability management and IT risk management lifecycles.

A vulnerability is a weakness in internal controls, a bug in the code, or a flaw in software design that cybercriminals can exploit to cause harm, which may result in a security breach of the system. Vulnerability testing is the only option to identify/detect vulnerabilities in the software and supporting infrastructure before any mishap takes place.

So, vulnerability assessment is the testing process used to identify, and assign a severity level to, as many security defects in the system as possible in the given time frame. Vulnerability assessment uses automated and manual testing techniques that emphasize comprehensive coverage.

“The vulnerability assessment component of vulnerability management possesses a process to identify vulnerabilities and risks in the system, application, computer networks, hardware and other parts of the ecosystem.”

Vulnerability assessment helps identify, prioritize, and classify vulnerabilities in a computer system. It also provides an organization with awareness, necessary knowledge and risk background related to the threat to its environment.

Some of the threats prevented by vulnerability assessment are:

  • Insecure defaults in the software due to insecure settings like guessable admin passwords.
  • XSS, SQL injections or other injection attacks.
  • Escalation of privileges and other threats that occur due to faulty authentication mechanisms.

Importance of vulnerability assessment

Vulnerability assessment is beneficial for any individual or organization that faces an increase in cyber-attacks, and especially for large organizations that have to deal with continuous cyber-attacks. In an organization, vulnerability assessment provides direction for assessing the risks associated with its weaknesses and a detailed understanding of them. Through this process, organizations better understand their security flaws, their assets and the overall risk that a cyber-criminal could use to breach the system and catch the business off guard.

Therefore, vulnerability assessment is important for an organization in several ways. It allows security teams to apply a consistent, clear and comprehensive approach to identifying and resolving system security issues (risks and threats). It is important because:

  • It protects the system against unauthorized attacks and data breaches
  • It provides remediation actions to protect the sensitive information of the system
  • It enables early detection or identification of weaknesses and threats in IT security
  • It fulfils the need for cyber security compliance in areas like HIPAA and PCI DSS

Types of vulnerability assessment

  1. Wireless assessment
    Wireless assessment is designed to observe the variables (architectural, configuration and environmental) directly impacting the functionality and security of the current wireless installation of the system.
    This assessment observes the wireless access points and their distribution throughout the environment. It also covers physical installation (mounting and orientation of access points) to strengthen the processes and systems.
    When an external provider performs the vulnerability assessment, it identifies the wireless network and evaluates its wireless security controls, including encryption, access management and authentication functions.
    This process is conducted by analyzing the strength of the wireless encryption schemes and accessing the wireless access points and card configurations to identify known and unknown vulnerabilities. After the vulnerabilities are identified, recommendations for mitigation are provided.
  2. Build assessment
    While building or designing software or an application, some bugs may be introduced that later hinder the application's performance, and hackers and malware wait to exploit these bugs and security gaps/weaknesses to breach the system.
    To deal with this issue, build assessment is used to analyze the application or software layout, the security system design and the technology adopted in the current setup.
    Build assessment analyzes the software and applications being built for security or performance bugs, which also prevents/controls vulnerability build-up.
  3. Web application assessment
    This assessment is essential for cloud-based and online applications, where it identifies security vulnerabilities through automated scanning and static and dynamic code analysis.
    Web application assessment uses network vulnerability scanners and front-end automated scans to scan the web servers and their operating systems. Various other vulnerability scanners use a database of known vulnerabilities and misconfigurations.
    Web application scanners, by contrast, are specialized tools that look at the executing code of applications for web flaws like command injection, SQL injection, path traversal, and cross-site scripting (XSS). They are capable of finding unknown vulnerabilities that are unique to the tested application.
    The method penetration testers use to find unknown vulnerabilities is known as DAST (Dynamic Application Security Testing). It is used in conjunction with SAST (Static Application Security Testing) tools, which analyze the actual source code of the web application during the development stage of the SDLC.
    Instead of using two tools for scanning, experts have designed a common web application vulnerability testing tool known as IAST (Interactive Application Security Testing). It is integrated into the QA process and DevOps and is complementary to both SAST and DAST. It has the same function of identifying vulnerabilities and insecure configuration in the web application before it is released into production or use.
  4. Database assessment
    The assessment is used to identify vulnerabilities and weaknesses in the database system, as it is the first element of risk that needs to be measured. Database systems like MySQL, Oracle, Postgres, Microsoft SQL etc. are evaluated for known vulnerabilities and attack scenarios. In database assessment, vulnerabilities include:
    • Configuration error (lack of a database password policy)
    • Misconfiguration of critical files (configuration of listener or audit trails)
    • Privilege management error (public access to a sensitive table)
  5. Host-based assessment
    Internal and external risk exposure badly impacts the business and needs to be evaluated promptly. Host-based assessment is the evaluation process used for this: it performs an in-depth evaluation of the system and provides insight into the networks to identify security weaknesses.
    In this assessment, scanners are used to scan the system from a user security perspective, since users are the ones who access the system/network in the organization. The assessment addresses vulnerabilities by detecting intruders who have already infiltrated the system and by identifying suspicious insider activities. The insight it provides into internal and external threats helps prevent internal misuse of the system by users and external misuse by intruders who could compromise security and access information. In this way, host-based assessment provides an additional level of security to the system/network.
  6. Secure configuration assessment
    Besides applications, software, databases, the internet, and human-created threats, system configuration can also open backdoors for hackers and malware to exploit.
    To evaluate this, security experts design a configuration assessment process that helps identify vulnerabilities present in the infrastructure configuration. Examples include the adequacy of the DLP security matrix and firewall/WAF, and the configuration of servers, switches, routers, VPNs, mainframes, NAC etc.
    This assessment focuses on the current security posture and gives an overview of complete access controls, applications running on critical systems, and services, and it identifies missing security patches. System misconfigurations and potential vulnerabilities of systems and applications are identified so that hackers cannot exploit them to gain access to the system.
  7. Mobile application assessment
    Mobile devices are now a major means of communication and are used through applications; therefore, application security is a major concern in protecting them from potential threats. So experts design mobile application assessments to evaluate the defence mechanisms of applications against threats.
    It is a process of examining mobile applications by running an assessment on the mobile apps and APIs to identify potential risk exposure and vulnerabilities like password storage, man-in-the-middle attacks and session management. Static and dynamic mobile security testing methods are used for the evaluation, covering application behaviour, privacy checks and other security measures. The functions performed by mobile application assessment are:
    • Reduce risk exposure
    • Provide assurance and security to the mobile application from potential threats
    • Enhance operational efficiency
    • Implement actionable security measures
    • Provide overall security for the mobile application and APIs

How vulnerability assessment works

Vulnerability assessment works towards three primary objectives: identifying, documenting and remediating vulnerabilities. To perform a vulnerability assessment, you follow a security scanning process with four steps: testing, analysis, assessment and remediation.

  1. Identification of vulnerability (Testing)
    This is the initial step of finding vulnerabilities and drafting a comprehensive list of an application's vulnerabilities. Security analysts test the security health of applications, servers and other systems by scanning them with automated tools or by testing and evaluating them manually. To identify security weaknesses, analysts rely on vendor vulnerability announcements, threat intelligence, vulnerability databases and asset management systems as inputs.
  2. Analysis of vulnerability
    A vulnerability has an origin point, root cause, and source, which need to be identified in this step before it can be resolved. Vulnerability analysis should identify the system components responsible for the vulnerability and its root cause. For example, an old version of an open-source library in a system could be the root cause of a vulnerability, and for remediation, it needs to be upgraded.
  3. Risk assessment
    This step prioritizes the vulnerabilities by assigning a rank or severity score. Security analysts can do this by prioritizing vulnerabilities on the basis of these factors:
    • What data, business, or system is at risk?
    • How much damage has the vulnerability created?
    • What’s the severity of an attack?
    • What’s the ease of attack or compromise?
  4. Remediation of the identified vulnerability
    The remediation step fixes the identified vulnerabilities by closing the security gaps. It is a joint effort of the development, security and operations teams to provide an effective path for mitigation and remediation of each vulnerability. It consists of these steps:
    • First, introduction of new security measures, procedures or tools
    • Updating of configuration or operational changes
    • Finally, implementation and development of a vulnerability patch
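
The four steps above, carried through on sample data as an added example that is not part of the original tutorial: findings are grouped by root cause (analysis), scored with the risk factors listed in step 3, and turned into an ordered remediation queue. The field names, the 1-3 factor scales, the scoring formula and the hypothetical component "libimage 1.2" are assumptions made for this illustration.

```python
from collections import defaultdict

# Constructed findings standing in for step 1 (testing) output. Field names,
# scales and the hypothetical component "libimage 1.2" are assumptions.
FINDINGS = [
    {"id": "F-1", "asset": "shop-web", "root_cause": "libimage 1.2 (outdated)",
     "severity": 9.0, "asset_value": 3, "damage": 3, "ease": 3},
    {"id": "F-2", "asset": "shop-api", "root_cause": "libimage 1.2 (outdated)",
     "severity": 7.5, "asset_value": 3, "damage": 2, "ease": 2},
    {"id": "F-3", "asset": "wiki", "root_cause": "default admin password",
     "severity": 8.0, "asset_value": 1, "damage": 1, "ease": 3},
    {"id": "F-4", "asset": "hr-db", "root_cause": "public grant on salary table",
     "severity": 6.0, "asset_value": 3, "damage": 3, "ease": 2},
]

def risk_score(f):
    """Step 3: scale severity (0-10) by the three 1-3 context factors."""
    context = f["asset_value"] + f["damage"] + f["ease"]  # 3 (low) .. 9 (high)
    return round(f["severity"] * context / 9, 1)

def group_by_root_cause(findings):
    """Step 2: collapse findings that share one underlying cause."""
    groups = defaultdict(list)
    for f in findings:
        groups[f["root_cause"]].append(f)
    return groups

def remediation_queue(findings):
    """Step 4: one work item per root cause, highest risk first."""
    queue = []
    for cause, members in group_by_root_cause(findings).items():
        queue.append({
            "root_cause": cause,
            "risk": max(risk_score(f) for f in members),
            "assets": sorted({f["asset"] for f in members}),
            "closes": sorted(f["id"] for f in members),
        })
    # Ties on risk go to the fix that closes more findings.
    return sorted(queue, key=lambda item: (-item["risk"], -len(item["closes"])))

if __name__ == "__main__":
    for item in remediation_queue(FINDINGS):
        print(item["risk"], item["root_cause"], "->", ", ".join(item["closes"]))
```

Grouping first means the outdated library appears once in the queue, and upgrading it closes both findings that trace back to it.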

Tools for vulnerability assessment

To perform a vulnerability assessment of a system, vulnerability scanning tools are required to carry out various types of scans, such as internal/external vulnerability scans, environmental scans and credentialed or non-credentialed scans. Tools for vulnerability assessment are selected with emphasis on different areas, such as:

  • Actionability of results
  • Update frequency
  • Quantity and quality of vulnerabilities, which includes minimizing false negatives and positives and eliminating false positives
  • Integration with IT security tools like SIEM, patch management etc. and other vulnerability management tools

Vulnerability assessment tools include these types of scanners:

  • Web application scanners – These are required to test and simulate known attack patterns.
  • Network scanners – These scan the whole network to discover warning signals while visualizing the network, such as stray IP addresses, suspicious packet generation and spoofed packets from a single IP address.
  • Protocol scanners – These search for vulnerable ports, network services and protocols.

These regularly scheduled automated scans of all critical IT systems feed into the organization's ongoing vulnerability assessment process.