Vulnerability Assessment

Vulnerabilities are a flaw or weakness in a system security procedure, design, implementation, or control that could be intentionally or unintentionally exercised by a threat. The goal of this program is to develop a list of vulnerabilities (flaws or weaknesses) that could be exploited by potential threat sources. This list should focus on realistic technical and nontechnical areas where critical information can be disclosed without proper authorization, improperly modified, or made unavailable when needed.

What Does This Mean?

1: Asset vulnerabilities are identified and documented

2: Threat and vulnerability information is received from information sharing forums and sources

3: Newly identified vulnerabilities are mitigated or documented as accepted risks

4: A vulnerability management plan is developed and implemented

Vulnerability Program Development Resources

Threat & Vulnerability Management Program Guide

Computer Emergency Readiness

US-CERT is responsible for analyzing and reducing cyber threats, vulnerabilities, disseminating cyber threat warning information, and coordinating incident response activities.

NIST NVD

The NIST National Vulnerability Database shows some of the latest 20 scored vulnerabilities from the NVD, updated once per hour.

Qualys

Get immediate visibility into where your IT systems might be vulnerable.

Program Implementation Support

Are you looking for a partner to help develop industry best practices into your security program? Leading security professionals with the experience and professionalism you desire are at your fingertips.

Contact us today and let us know how we can be of service!

Contact Us