Application Security Terminology

Glossary

Vulnerability Assessment

A vulnerability assessment (or vulnerability analysisdefines, identifies, classifies, and prioritizes security holes (or vulnerabilities)  in a computer, a network, or IT infrastructure. Security vulnerability assessments also predict and evaluate the effectiveness of proposed countermeasures. Unlike a penetration test, which exploits weaknesses in the architecture of a system, a vulnerability scan looks for known vulnerabilities in a system and reports potential exposures

There are many vulnerability assessment tools, and a buyer should be cautious about what tool they buyIf performed correctly, a vulnerability assessment will tell you where to invest in your cyber security resources. If performed incorrectly, a vulnerability assessment will leave your infrastructure open to attacks.

To learn more about vulnerability assessments, read Best Practices in Cyber Vulnerability Assessments.