Vulnerability Assessment

Vulnerability analysis, also known as vulnerability assessment, is a process that defines, identifies, and classifies the security holes (vulnerabilities) in a computer, network, or communications infrastructure. In addition, vulnerability analysis can forecast the effectiveness of proposed countermeasures and evaluate their actual effectiveness after they are put into use.

Vulnerability analysis consists of several steps:

• Defining and classifying network or system resources

• Assigning relative levels of importance to the resources

• Identifying potential threats to each resource

• Developing a strategy to deal with the most serious potential problems first

• Defining and implementing ways to minimize the consequences if an attack occurs