Various approaches are involved in the vulnerability assessment solutions and how to choose…

Various approaches are involved in the vulnerability assessment solutions and how to choose appropriate vulnerability assessment tools.

· A Vulnerability Assessment is a process of identifying Vulnerabilities in the network. The issues discovered are then compiled and analyzed according to the risk levels.

· Vulnerability Assessment does not mean the exploitation of vulnerabilities. As threats and vulnerabilities are increasing day by day, one should perform vulnerability scans regularly.

· Vulnerability Assessment tools are used to secure and protect the organization’s networks and systems.

The following steps perform vulnerability Assessment:

1. Identifying the system’s resources, including all the hardware as rootkits (a vulnerability), can be hidden entirely in the system process or any software.

2. Assigning values to the resources according to the risk factors.

3. Identifying the vulnerabilities or threats to each resource.

4. Eliminating or finding a patch of most serious vulnerability for most valuable resources.

· Network Vulnerability scanners analyze and identify vulnerabilities in the target network or network resources using vulnerability assessment and network auditing.

· A scanner categorizes the vulnerabilities as critical, major, or minor. While choosing a vulnerability scanner, one should know the scanner’s accuracy rate. If a wrong scanner is selected, it may give false information to report the vulnerabilities that don’t exist.

Some tools for performing vulnerability assessment are:

1. OpenVAS- This tool serves many functions/ tests like unauthenticated testing, authenticated testing, various high level and low-level Internet and industrial protocols, performance tuning for large-scale scans, and a powerful internal programming language to implement any vulnerability.

2. Nessus- Nessus is an assessment solution tool for identifying vulnerabilities, configuration issues, and malware. This tool also supports various systems like OSes, network devices, hypervisors, databases, tablets/phones, web servers, and critical infrastructure.

3. GFI LanGuard- GFI LanGuard can perform scans, detects, assesses, and rectifies security vulnerabilities in your network and connected devices. It scans the network and ports to detect, evaluate, and correct security vulnerabilities with minimal administrative effort.

4.Nikto- Nikto is an Open Source web server scanner, performs tests against web servers for multiple items. It also checks for outdated versions of servers. It also checks for server configuration items such as the presence of multiple index files and HTTP server options.